Bifrost Firewall iptables GUI
Bifrost is a firewall management interface to iptables (iptables GUI). The system is inspired by Checkpoint, Cisco PIX, and Watchguard firewall management. With Bifrost you are able to work with incoming and outgoing traffic flows rather than focusing on interfaces. The system supports both IPSEC and High Availability. It is even possible to manage HA from the GUI. Bifrost has an advanced anti-spoofing function. There is also a very easy-to-use log watch function where you can apply filtering. Logging is controlled per rule. You can turn on/off logging for a rule on the fly, and there is built-in protection against log flooding. All firewall changes are made without interrupt already established connections. There is also support for traffic marking (mangle), very useful when you are working with QOS (bandwidth management) and advance routing such as policy-based routing. If you for some reason need something extra, it is possible to add your own commands.
| Tags | Utilities Networking Firewalls Security Internet |
|---|---|
| Operating Systems | POSIX Linux |
| Implementation | Perl |
Recent releases
- 11 Oct 2003 01:48
Changes: Hide NAT is now performed after source NAT, making it possible to configure specific source NAT and use hide NAT as a "catch the rest". The license function was updated to prevent lock downs when a license expires.
- 14 Jul 2003 21:27
Changes: It is now possible to enable routing on the same interface, i.e. it is possible to allow traffic to both enter and exit on the same interface. This kind of traffic is considered as Outgoing traffic.
- 04 Jun 2003 17:37
Changes: This release adds shading and color coding to the logging. All green text is "ACCEPT", i.e., allowed traffic. Red text is traffic that is either "DROP" or "REJECT". When the background color is changed to yellow, the corresponding rule is set to use FW-A, i.e., alerting. All colors will be customizable. Most Show/View functions now have either shading or spanning to improve the look. Rule editing now has data in all table cells.
- 27 Mar 2003 04:30
Changes: This release adds a few more cosmetic changes. Most Show/View functions now have either shading or spanning to improve the look. Rule editing now has data in all table cells.
- 17 Mar 2003 05:19
Changes: This release experimentally adds shading and color coding to the logging. All green text is "ACCEPT" i.e. allowed traffic. Red text is traffic that is either "DROP" or "REJECT". When the background color is changed to a yellow, the corresponding rule is set to use “FW-A”, i.e. alerting. All colors will be customizable.
- All comments
Recent commentsShading and colour coding
Hi
Several of our customers have asked for shading and colour coding in the logging. We are currently testing an updated version of 0.9.3. Please take a look at http://bifrost.heimdalls.com/demo_log.html
All green text is “ACCEPT” i.e. allowed traffic. Red text is traffic that is either “DROP” or “REJECT”. When background colour is changed to a yellow, the corresponding rule is set to use “FW-A”, i.e. alerting.
All colours will be customisable.
Please send us comments and further recommendations.
Martin Forest
Heimdall's Limited
Feedback
We have already started coding on the next version of Bifrost. We are always looking for feedback. If you have any ideas or suggestions, please send us your comments. Please use the address bifrost@heimdalls.com.
Martin Forest
Bifrost next generation
We are currently working hard with the design of Bifrost Next Generation. Bifrost Next Generation will be a totally new version, redone from scratch. The main changes will be the structure of the implementation. The new structure will focus on a distributed environment where the core is a management server, managing one or several firewalls. The management server will be able to manage several customers and each customer can have one or more firewalls. All firewalls will be minimal installations with as little services/software as possible. Bifrost Next Generation will be ideal for a managed environment, typically for ISP's and outsourcing companies that are working with Linux based firewalls.
We are looking form feedback to implement as many functions as possible. If you have any ideas, suggestions, requests... Please send your comments to bifrost@heimdalls.com
Martin Forest
Heimdall's Limited
Bifrost version 0.9.3 coming soon
We are currently doing the final polishing to version 0.9.3.
Highlights in the new version is marking/mangling. Marking is often used for QOS and policy based routing. With marking, you can mark traffic in the headers of a data stream. This marking can then be used by other software to controll the traffic in a much more detailed way than normal fifo or routing.
Another new feature is customer commands. It is now possible to add extra commands such as routing, extra tables etc.
There has also been a few minor touch ups in the interface.
The new version should be released withing a few days.
Martin Forest
Heimdall's Limited
Bugs/installation problems page
There is now a webpage for bugs and installation problems. Please see http://bifrost.heimdalls.com/Bugs.html
/Martin Forest
Senior Security Specialist
Heimdall's Limited