Re: [resolved] How can I tell if I have a firewall up and running?

Here's what is great to see:



UFW not installed here -- just default Debian Sid. But I have gone through all the settings options on my TrendNET router and tried to make it as tight as possible.

You might want to look into the advanced settings for your router -- disable "DMZ", disable "WAN ping respond", and stuff like that.

Re: [resolved] How can I tell if I have a firewall up and running?

If you have a NAT router with firewall enabled between your laptop and the internet, shieldsup is probing your router's firewall and none of the traffic generated by shieldsup is getting to your laptop or it's firewall (unless you have set up some port forwarding on your router to forward the traffic to your LAN network or DMZ).

So you have to check your router configuration to stealth the three ports reported as closed. And if you wish to test your laptop's firewall you'll have to take out your router (and it's firewall) out of the equation, like plugging your laptop directly into your modem (if it is a separate device).

20/21 are ftp ports and 500 is used by IPSEC (do you have ipsec passthrough enabled on your router?).

Not really, a result of closed means shieldsup got a response of "no service here" (REJECT) when it probed the port instead of the firewall dropping the request with no response (DROP). But it is usually educational to find out why the firewall didn't drop the packet.