Easy Firewall Generator
Easy Firewall Generator is a PHP Web application that generates an iptables firewall script. The generated script is designed for a single system connected to the Internet or a system acting as a gateway/firewall for a small private network. The generator prompts recursively for a variety of options. When the selected options form a complete set, it generates and returns a commented firewall script based on those options. The generator includes documentation on iptables and each option.
| Tags | Networking Firewalls Security |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX Linux |
| Implementation | PHP |
Recent releases
- 11 May 2005 21:17
Changes: The script was altered to do some basic ingress filtering on firewalls generated for gateway systems by dropping packets coming in the external interface that have a source of the internal network.
- 27 Apr 2005 15:50
Changes: Rules have been added to explicitly filter TCP packets with illegal flag combinations. Support has been added to the Allow Inbound section for mDNSResponder.
- 14 Mar 2004 21:11
Changes: This release adds support for allowing inbound connections to an NFS server and some additional minor cleanup items.
- 24 May 2003 23:13
Changes: This release adds an SSL option to the Web Server and Email options in the inbound services section. It also adds an option to the Port Forwarding feature to also redirect internal requests to the external IP to the internal system.
- 11 Mar 2003 15:55
Changes: This release adds two choices to the Allow Inbound Services option. One choice allows file transfers through the MSN Messenger instant messaging service. The other allows the user to specify a port or port rage (UDP, TCP, or both) to create custom rules.
- All comments
Recent commentsRe: FWgen: no line breaks
Got it using save as text as you described.
Thanks! Good work.
E
>
> % Using Konqueror in MDK9, the FWgen
> % produces
> % a file without line breaks. Also does
> % this
> % in IE6 on Win2k.
>
>
> I can't reproduce what you describe.
> The program sets the MIME type to
> text/plain when it returns the firewall.
> I tested it just now from
> http://morizot.net/firewall/gen/ using
> both IE6 on W2K and Konqueror on Redhat
> 7.3 and it returned the plain text
> firewall as expected. I was able to
> save it from both browsers. (I did have
> to specify a text file in IE 6.)
>
> I suppose I need more information if I'm
> going to be able to identify the
> problem.
>
> Scott
>
Re: FWgen: no line breaks
> Using Konqueror in MDK9, the FWgen
> produces
> a file without line breaks. Also does
> this
> in IE6 on Win2k.
I can't reproduce what you describe. The program sets the MIME type to text/plain when it returns the firewall. I tested it just now from http://morizot.net/firewall/gen/ using both IE6 on W2K and Konqueror on Redhat 7.3 and it returned the plain text firewall as expected. I was able to save it from both browsers. (I did have to specify a text file in IE 6.)
I suppose I need more information if I'm going to be able to identify the problem.
Scott
FWgen: no line breaks
Using Konqueror in MDK9, the FWgen produces
a file without line breaks. Also does this
in IE6 on Win2k.
Re: Nicely done!
> For the first time I have an iptables
> protected system. I especially liked the
> references embedded in the configuration
> script.
Thanks. I wanted to give people enough information embedded in the script so they could easily tweak it further on their own. I wanted to move from ipchains to iptables, but the only tools I could find were either fairly rudimentary or were complete firewall systems that you installed and then managed through their interface. So I wrote the sort of script generator I had hoped to find. Most of the work went into studying iptables. I'm glad you found it useful.
Scott
Nicely done!
For the first time I have an iptables protected system. I especially liked the references embedded in the configuration script.
-- Vladimir