Linux-2.2 ipchains firewall/NAPT/NAT administration

What is firewall? | Features | Supported Platforms | Documentation | Download

What is firewall?

Firewall is a set of scripts (firewall, fwup and fwdown) that implement an ipchains firewall and various forms of network address and port translation. All you have to do is read the policy file and edit it to reflect your topology and filtering policy.

The policy file is composed of sections in which you need to specify: this host's trusted and untrusted network interfaces; this host's role and function within the network topology; the incoming and outgoing services to allow and the internal and external hosts that may take part in them. It has been designed to make this as painless and flexible as possible.

Each section contains detailed explanations and advice on things such as when to start the firewall and the security implications of various well known internet services and advice on how to allow them safely. It is intended to introduce administrators to some subtleties of packet filtering quickly so that they can make better informed security decisions and achieve and maintain effective network security (at least the packet filtering part) in a very short time. Of course, it will not prevent you from achieving bad network security, but you will have been warned.

Firewall is freely available under the GNU General Public License, Version 2 or later.


For more information see the Documentation section.

Supported Platforms

Currently, firewall is only for 2.2 linux kernels or 2.4 kernels that use the ipchains backwards compatibility module. Firewall should work on any Linux distribution including LRP (supports building an LRP package containing the firewall scripts and your policy file).


There is a README file and firewall.policy:

README - Readme, Install, Remote Install, LRP Package Install, Extras, Requirements, Copying, History, References, Bugs, TODO
firewall.policy - Firewall/NAPT/NAT policy file containing explanations and advice


Latest: firewall-20041231.tar.gz (194,524 bytes) (SHA256 c7dd1bcb0e943d4c9544d0f84a0e94d83e50045b949e4a16a9feb7dcc53e3043)
Previous: firewall-20041215.tar.gz (188,194 bytes) (SHA256 6a44a2a276b16c026155ce4880a585affc911d8d26e726155f1c8324b65f8252)
firewall-20020626.tar.gz (186,261 bytes) (SHA256 48aab3cbdc7f40464f440936d8dd5f1898d91e2ec91daeb19adc9f46bbe256c0)
firewall-20010815.tar.gz (161,993 bytes) (SHA256 0d87ab3767e418a9790199e90cd14d7895c2fa2b3abd3375759edd795b9f21de)
firewall-20010801.tar.gz (161,895 bytes) (SHA256 b3942e0a7eccfb6b127928a89b6a93073164aa20e2659626e12571b23614930c)
firewall-20010507.tar.gz (161,498 bytes) (SHA256 1ff6a757c31aae4cb53b1493cd13fd88a689b3dd545de0b3fbbaa6f92d3693bf)
firewall-20010214.tar.gz (147,953 bytes) (SHA256 163e0cf76dc9fac015cbd3babbd18dbd65714ff99056ad07b369d8e897b9f057)
firewall-20010211.tar.gz (147,887 bytes) (SHA256 b8b625bd7e056590940378efc379d545ee87e21f58b96990936db38cb946c9bc)
firewall-20000914.tar.gz (141,959 bytes) (SHA256 8257f86fbb8ed5bb0a0236cd3a4c83da3455be9a3214d6c74a810edd63272054)
firewall-20000601.tar.gz (126,303 bytes) (SHA256 843911eaa205cbf78e2e930e5924e802fa178a5aac23da1c58e7d4a2c4c576ff)
firewall-20000430.tar.gz (88,754 bytes) (SHA256 b0e42ad15b525b3459a254089a50a21bea06286032afab4e784503fff982027b)
firewall-20000421.tar.gz (86,747 bytes) (SHA256 81ef3f719aa92378519c39bbfa7b9b29411f34c9472dc1055769ee760173de8a)
firewall-20000402.tar.gz (34,398 bytes) (SHA256 ffe32bdbd85d2092b7b593dd34800a29f47054e945ea4bb47c20240d7deba51d)
firewall-20000321.tar.gz (34,481 bytes) (SHA256 4409edb5f7cb26d9d51415bfb40429deae2c096efdf9fd50665d8884c66fd43b)
firewall-20000309.tar.gz (31,146 bytes) (SHA256 827e4282bc58305afe8d38f6ff1b324481a5792a69a2f4eca79d12af230bc34b)
firewall-19991231.tar.gz (20,066 bytes) (SHA256 42595e027f6ebbab3d4de21d393047b5e74e2558f697be8d68f0e86a586f7a3a)

What is firewall? | Features | Supported Platforms | Documentation | Download

Last modified by raf at Fri, 31 Dec 2004 16:10:02 +1100 ( html css tsl dnssec hard)