Step 7: Block All Traffic

Wait, what?! Yes—block all traffic. By default, the IPFire firewall allows all outbound traffic to go, well, out. We don’t really want that. Just like the house analogy, we want to start closing and locking doors and windows and start monitoring who comes in and goes out of the house.

In firewall parlance, we need to start creating firewall rules. We can get very prescriptive about what we allow out the door, when, and even to where. It’s kind of like telling your kids that they can only go out for an hour, to their friend’s house, and only to play a video game. Firewall rules let us get very detailed in the same manner.

Forwarding Options

We start by navigating in the IPFire Console over to the Firewall->Firewall Options screen. At the bottom of the screen is the Default Firewall Behaviour options. We want to reset the  Forward option to “blocked.” Once changed, simply press the save button beside the option.

Once saved, we can test the firewall by opening a new browser window and trying to navigate to a website. It should not succeed, eventually timing out and returning a message about the server not responding. That’s good! Our firewall is doing its job by blocking outbound traffic.