Packet Firewall - pfw
Version 0.94
New Package: pfw.lrp
I'm posting today about the first release I'm making available
of my ipchains firewall, pfw. It's based on an ipfwadm firewall
that I wrote a couple of years ago, called rc.pf.
ftp://ftp.schalit.net/pub/Pfw/
pfw is a simple shell script with a few other files
containing functions and variables that starts an
ipchains based, default DENY, set of firewall rules.
It's meant for the following setup:
internet ------- LEAF ----------- hub/switch
eth0 eth1 | | | |
lan computers
where eth0 is a static ip or assigned by dhcp.
pfw is Dachygen certified :-)
(It runs on Dachstein and Oxygen out of the box)
If you get pfw.lrp and load it onto your LEAF router during
boot, it will install but not be running. To get help, type
pfw. To run the Packet Firewall, type pfw start.
There's no files to edit unless you want to enable inbound
services. If so, you can use lrcfg or acfg and edit the
configuration file for optional services, /usr/local/etc/popts
Simply type 'pfw' at a command prompt for more help.
Then give it a 'pfw start' to raise the firewall and
give yourself all the standard outbound access you
expect.
Usage: pfw <start|stop|scram|status|enable|disable|help>
pfw is not as powerful as Echowall, in that it can not
handle dmz's or complex inbound services as easily. pfw was
developed without analyzing Echowall so as to not plagiarize
the work of others. pfw requires one to spell out the exact
rule for an inbound service, unlike Echowall's convenient labels,
but hey, it runs on Dachygen, which was one of the main goals.
Best regards and thanks to Jeff N. and Paul B.,
Matthew Schalit
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel
