Linux-2.2 ipchains firewall/NAPT/NAT administration

What is firewall? | Features | Supported Platforms | Documentation | Download

What is firewall?

Firewall is a set of scripts (firewall, fwup and fwdown) that implement an ipchains firewall and various forms of network address and port translation. All you have to do is read the policy file and edit it to reflect your topology and filtering policy.

The policy file is composed of sections in which you need to specify: this host's trusted and untrusted network interfaces; this host's role and function within the network topology; the incoming and outgoing services to allow and the internal and external hosts that may take part in them. It has been designed to make this as painless and flexible as possible.

Each section contains detailed explanations and advice on things such as when to start the firewall and the security implications of various well known internet services and advice on how to allow them safely. It is intended to introduce administrators to some subtleties of packet filtering quickly so that they can make better informed security decisions and achieve and maintain effective network security (at least the packet filtering part) in a very short time. Of course, it will not prevent you from achieving bad network security, but you will have been warned.

Firewall is freely available under the GNU General Public License.


For more information see the Documentation section.

Supported Platforms

Currently, firewall is only for 2.2 linux kernels or 2.4 kernels that use the ipchains backwards compatibility module. Firewall should work on any Linux distribution including LRP (supports building an LRP package containing the firewall scripts and your policy file).


There is a README file and firewall.policy:

README - Readme, Install, Remote Install, LRP Package Install, Extras, Requirements, Copying, History, References, Bugs, TODO
firewall.policy - Firewall/NAPT/NAT policy file containing explanations and advice


Latest: firewall-20020626.tar.gz (186,261 bytes) (MD5 1b11adc65adb607c54bec7905c8dd58a)
Previous: firewall-20010815.tar.gz (161,993 bytes) (MD5 7e60012b75cd1df91efb8ef4a0cf9534)
firewall-20010801.tar.gz (161,895 bytes) (MD5 f49f9076fb2166abc725b4b127a3ea49)
firewall-20010507.tar.gz (161,498 bytes) (MD5 088be1c66a1eae3ba280f6f7277dd032)
firewall-20010214.tar.gz (147,953 bytes) (MD5 db535fb51341eb2f23675f36d46ca635)
firewall-20010211.tar.gz (147,887 bytes) (MD5 16f431e88564527fad7cde4ad1c929b0)
firewall-20000914.tar.gz (141,959 bytes) (MD5 fc230d0ca86a5f05980a69485e5301c3)
firewall-20000601.tar.gz (126,303 bytes) (MD5 dccddd0d95734b005125352615dee268)
firewall-20000430.tar.gz (88,754 bytes) (MD5 90e379882f48ae63ecd8103d6a5e9fa2)
firewall-20000421.tar.gz (86,747 bytes) (MD5 fb7e4075e8c78d0f3a97194752912d59)
firewall-20000402.tar.gz (34,398 bytes) (MD5 7293b309a07890db7f8f5a7fda0d7bc7)
firewall-20000321.tar.gz (34,481 bytes) (MD5 18d89e93f12ca8ddb869b9025cf1ab16)
firewall-20000309.tar.gz (31,146 bytes) (MD5 3e98597413fe686be377899cbcab7db7)
firewall-19991231.tar.gz (20,066 bytes) (MD5 e1aa53bcdb79850bf2edd9db9e7a337a)

What is firewall? | Features | Supported Platforms | Documentation | Download

Last modified by raf at Wed, 26 Jun 2002 22:35:41 +1000 ( html css tsl dnssec hard)