Simplewall

Overview

Simplewall is a Linux firewall script, or more accurately a high-level tool for configuring advanced features of Linux Netfilter. As the name suggests, one of the project's main goals is to provide an easy interface for configuring the firewall. In Simplewall's case this means an easily understandable configuration file that helps the user achieve the desired results without needing to understand all the parameters and modules of the iptables administration tool.

Features

  • Firewall a single computer or a whole subnet of computers
  • Stateful firewall
  • IP/network white- and blacklisting
  • TCP and UDP port based control
  • ICMP type based control
  • SSH port control for hosts in /etc/hosts.allow
  • Packet logging
  • Network Address Translation (NAT) for LAN
  • Port forwarding support
  • Simple, easily extensible HTB traffic shaping
  • Download a list from dshield.org and block badly behaving IP addresses
  • GRE tunnel support

Requirements

  • Linux operating system with 2.6 series kernel
  • Netfilter support in kernel and iptables software
  • Bash shell: Simplewall is written for GNU Bourne-Again SHell
  • ifconfig: if WWW cache forwarding is enabled
  • tc: in iproute2 (http://linux-net.osdl.org/index.php/Iproute2) for traffic shaping
  • wget *or* curl: if the dshield.org blocklist is enabled

Download

Author

Simplewall is written by Jani Kesänen. The author's e-mail address can be found inside the Simplewall distribution archive.