Bug#183284: ITP: fiaif -- easy but highly customizable script for setting up an iptables based firewall

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#183284: ITP: fiaif -- easy but highly customizable script for setting up an iptables based firewall
From: Bastian Kleineidam <calvin@debian.org>
Date: Mon, 03 Mar 2003 20:00:29 +0100
Message-id: <[🔎] 20030303190029.1477.qmail@localhost>
Reply-to: Bastian Kleineidam <calvin@debian.org>, 183284@bugs.debian.org

Package: wnpp
Version: unavailable; reported 2003-03-03
Severity: wishlist

I wish to package this. Test packages (version 1.10.0) can be found at
http://people.debian.org/~calvin/debian/

* Package name : fiaif
Version : 1.11.0
Upstream Author : Anders P. Fugmann <anders@fugmann.dhs.org>
* URL : http://www.fiaif.net/
* License : GPL
Description : easy but highly customizable script for setting up an iptables based firewall

Fiaif is an intelligent firewall, written in BASH and has the following
features:

Global options support:
* TOS bit can be set per protocol/port basis. (To be used by traffic shaping).
* Limit syslog logging.
* Specification of multiple zones - One or more per interface.
* Load specific connection tracking modules (FTP, IRC etc.).
* Examination of /proc/sys/net setting, for possibly dangerous system
configurations.
* Setup of linux runtime parameters.
* Run userdefined commands before and after applying the firewall.
* Syslog scanning, giving more human readable output based on setup.

A zone specifies a network interface (eth0, etc) on the firewall and the
network to which it connects. Zones support:
* Handling of dynamic IP's (DHCP).
* Interfaces with multiple IP addresses.
* Allow/drop and/or reject packets hitting the firewall from the zone.
* Restrict the type of packets originating from the firewall itself.
* Restrict packets coming from other zones.
* Ban IP's within the zone.
* Ban MAC addresses within the zone.
* Watch traffic from a specific IP.
* Limit number of specific packets, e.g. to avoid DoS attack.
* Port forwarding, changing the destination IP and port, allowing e.g. a
transparent proxy.
* Masquerading/SNAT.
* Traffic Shaping per interface.
* Ulogd logging support.
* Packet marking, for e.g. advanced routing.
* Definition of set of IP's, to ease maintenance and improve readability of
configuration files.
* And more.

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux treasure 2.4.20 #1 Thu Jan 16 19:46:01 CET 2003 i686
Locale: LANG=C, LC_CTYPE=de_DE@euro

Reply to:

Follow-Ups:
- Re: Bug#183284: ITP: fiaif -- easy but highly customizable script for setting up an iptables based firewall
  - From: Hilko Bengen <bengen+debian@hilluzination.de>

Prev by Date: Re: debconf template translation
Next by Date: Bug#183283: ITP: gok -- The GNOME Onscreen Keyboard
Previous by thread: Re: ghost 'ssh' and 'cvs server' processes
Next by thread: Re: Bug#183284: ITP: fiaif -- easy but highly customizable script for setting up an iptables based firewall
Index(es):
- Date
- Thread