[Sanewall 1.0.0] Making sense of firewalling
Sanewall is a firewall builder for Linux which uses an elegant language
abstracted to just the right level. This makes it powerful as well as easy
to use, audit, and understand. It allows you to create very readable
configurations even for complex stateful firewalls.
Sanewall can be used for almost any firewall need, including:
- control of any number of internal/external/virtual interfaces
- control of any combination of routed traffic
- setting up DMZ routers and servers
- all kinds of NAT
- providing strong protection (flooding, spoofing, etc.)
- transparent caches
- source MAC verification
- blacklists, whitelists
The current
experimental snapshots
support IPv6. Sanewall abstracts the differences between IPv4 and IPv6,
allowing you to define a common set of rules for both whilst permitting
specific rules for each as you need.
Sanewall is a fork of
FireHOL.
The configuration language is identical, just see
this FAQ for some variable name changes.
For now the
FireHOL website
is still the best source of introductory information.
Sanewall is released under the GPLv2+
open source licence.
[Sanewall 1.0.0] Making sense of firewalling
Reviewed by Zion3R
on
7:37 PM
Rating: