This is not a simple firewall to get started with as it can be a bit of an uphill battle to get all the outgoing connections vetted (if you want to filter those), but I’d imagine once set up, it is a pretty powerful tool to have.
Key features:
- Interactive outbound connections filtering.
- Block ads, trackers or malware domains system-wide.
- Ability to configure system firewall from the GUI (nftables).
- Configure input policy, allow inbound services, etc.
- Manage multiple nodes from a centralized GUI.
- SIEM integration
It is regularly updated, with 74 contributors contributing to over 30 releases. The project has also received over 10,000 starts.