Improving/Sponsoring package for arno-iptables-firewall

To: debian-firewall@lists.debian.org
Subject: Improving/Sponsoring package for arno-iptables-firewall
From: Michael Hanke <michael.hanke@gmail.com>
Date: Tue, 13 Sep 2005 09:42:30 +0200
Message-id: <[🔎] 200509130942.35448.michael.hanke@gmail.com>
Reply-to: michael.hanke@gmail.com

Hi!

I made a package for 'arno-iptables-firewall' (ITP #325696) - which is a quite 
popular iptables firewall configuration script 
(http://rocky.eld.leidenuniv.nl/). One of its most important features is the 
time to setup a secure firewall (just a few minutes). At the same time it is 
well documented and can be understood by novice users. But despite this fact, 
it is not limited to simple firewall setups. More features:

  * Stateful filtering firewall
  * Both kernel 2.4 & 2.6 support
  * It can be used for both single- and multi(eg. dual)-homed boxes
  * Masquerading (NAT) and SNAT support
  * Multiple external (internet) interfaces
  * Support multiroute NAT & SNAT (load balancing over multiple (internet)
    interfaces)
  * Port forwarding (NAT)
  * Support MAC address filtering
  * Support for DSL/ADSL modems
  * Support for PPPoE, PPPoA and bridging modem setups
  * Support for static and ISP assigned (DHCP) IPs
  * Support for (transparent) proxies
  * Full support for DMZ's and DMZ-2-LAN forwarding. You can also use
    it to isolate your eg. wireless LAN
  * (Nmap)(stealth) portscan detection
  * Protection against SYN-flooding (DoS attacks)
  * Protection against ICMP-flooding (DoS attacks)
  * Extensive user-definable logging with rate limiting to prevent log
    flooding
  * Includes options to optimize your throughput
  * User definable open ports, closed ports, trusted hosts, blocked
    hosts etc.
  * Log & protection options are both highly customizable
  * Support for custom iptables rules in a separate file
  * Main focus on TCP/UDP/ICMP but additional support for *ALL*
    IP protocols
  * It works with Freeswan IPSEC (VPN) & SSH Sentinel
    (http://www.freeswan.org) (+virtual IP's)
  * It works with PoPTop PPTP (http://www.poptop.org)
  * It works with UPnP
  * DRDOS protection/detection (experimental)


Although I tried:

http://lists.debian.org/debian-devel/2005/08/msg01781.html
http://lists.debian.org/debian-mentors/2005/08/msg00411.html

I have not found someone interested in sponsoring this package, yet.
I'm especially interessed in handling the configuration of the firewall via 
debconf. This is already implemented in a simple way, but I would be glad if 
someone would comment on it.

The current version of the package can be found here:

http://apsy.gse.uni-magdeburg.de/~hanke/debian/arno-iptables-firewall


Ciao,

Michael


-- 
GPG key:  1024D/3144BE0F Michael Hanke
http://apsy.gse.uni-magdeburg.de/hanke
ICQ: 48230050

Attachment: pgpBMzObD_gS8.pgp
Description: PGP signature

Reply to:

Prev by Date: New HYIP Make 7-10% per day
Next by Date: Improving/Sponsoring package for arno-iptables-firewall
Previous by thread: New HYIP Make 7-10% per day
Next by thread: Improving/Sponsoring package for arno-iptables-firewall
Index(es):
- Date
- Thread