Arno's IPTABLES Firewall Script 1.8.8m (Stable branch)
Saturday February 16, 2008. 08:49 PM FreshMeat
Arno's IPTABLES Firewall Script is a secure stateful firewall for both single and multi-homed machines. It supports NAT and SNAT, port forwarding, ADSL ethernet modems with both static and dynamically assigned IPs, MAC address filtering, stealth port scan detection, DMZ support, protection against SYN/ICMP flooding, experimental IPv6 support, multi-interface/aliased-IP support, and extensive user-definable logging with rate limiting to prevent log flooding. It has plugin support to add extra features (like SSH Brute Force protection and (Racoon) IPSEC support). It is easy to configure and highly customizable. A filter script that makes your firewall log more readable is also included.
License: GNU General Public License v2
Changes:
The $LOCAL_CONFIG_FILE variable was added to allow, for example, certain user/global/local settings to be sourced into the script. The plugin code was moved from custom rules into the main script. The plugin system was enhanced. Several plugins were updated. Multiroute now has a proper stop() section. /proc/.../ conntrack set was fixed for newer kernels.