FireHOL
FireHOL is a simple yet powerful way to configure stateful iptables firewalls.
It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT.
It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more.
Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
FireHOL runs a service/daemon, checking its own configuration file at startup and writing out an iptables configuration before automatically starting the iptables firewall.
Features include:
- Handles firewalls protecting one host on all its interfaces and any combination of stateful firewalls routing traffic from one interface to another
- Supports many single-socket protocols, such as HTTP, NNTP, SMTP, POP3, IMAP4, RADIUS, SSH, LDAP, MySQL, Telnet, NTP, DNS, etc.
- Supports many complex protocols, such as FTP, NFS, SAMBA, PPTP, etc.
Last Updated Tuesday, February 28 2012 @ 02:35 PM EST