ERWALL

ERWALL Client Installation

Quick Installation for Debian-based Distributions

Run the following command to automatically install ERWALL Client on your Debian based distributions.

curl -sLO https://www.erwall.io/downloads/linux-x64/erwall-client.deb && sudo apt install ./erwall-client.deb

Manual Installation

Download ERWALL Client files from here. You can run the following commands to install ERWALL Client on your servers. First, install requirements:

sudo apt-get update -y
  sudo apt-get install -y iptables
  sudo apt-get install -y ipset

Download ERWALL Client

Now, you can create appsettings.json file to configure your ERWALL Client application.

Example appsettings.json file:

{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },

  "ErwallService": {
    "Host": "",     # host of Erwall Server, example: erwall.company.com
    "PeriodInSeconds": 30,  # rule fetching period in seconds, recommended:30
    "IpSetSaveFile": "ip-set.txt",
    "IpTablesSaveFile": "ip-tables.txt"
  }
}

Run this command to configure ERWALL Client:

./ErwallClient configure --host=<HOST> --period=<SECONDS>

After completing these operations, you can start to use ERWALL Client with the following command:

./ErwallClient run       # this may need admin privileges in order to change iptables / ipset rules

Running ERWALL Client requires admin privileges in order to change iptables/ipset rules.

If you want to use the ERWALL Server as a Linux service, you can use following commands.

Example Linux Service File for ERWALL Client Application:

[Unit]
Description=Erwall Client Service

[Service]
WorkingDirectory=/home/erwall/Client
ExecStart=/home/erwall/Client/ErwallClient run
Restart=always
# Restart service after 10 seconds if service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=erwall-client
User=root
Group=root
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false

[Install]
WantedBy=multi-user.target

# you may need admin privileges for these commands

  systemctl enable /path/to/service_file            # enables linux service
  systemctl disable erwall-client                   # disables linux service
  service erwall-client start
  service erwall-client status
  service erwall-client stop
  service erwall-client restart
  journalctl -u erwall-client --no-pager -n 100    # displays last 100 logs  
  [Unit]
  Description=Erwall Client Service
  
  [Service]
  WorkingDirectory=/home/erwall/Client
  ExecStart=/home/erwall/Client/ErwallClient run
  Restart=always
  # Restart service after 10 seconds if service crashes:
  RestartSec=10
  KillSignal=SIGINT
  SyslogIdentifier=erwall-client
  User=root
  Group=root
  Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false
  
  [Install]
  WantedBy=multi-user.target

Documentation

ERWALL Client Installation

Quick Installation for Debian-based Distributions

Manual Installation

ERWALL

Useful Links

Stay Up to Date