Projects / Easy Firewall Generator

Easy Firewall Generator

Easy Firewall Generator is a PHP Web application that generates an iptables firewall script. The generated script is designed for a single system connected to the Internet or a system acting as a gateway/firewall for a small private network. The generator prompts recursively for a variety of options. When the selected options form a complete set, it generates and returns a commented firewall script based on those options. The generator includes documentation on iptables and each option.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  12 May 2005 04:17

    Release Notes: The script was altered to do some basic ingress filtering on firewalls generated for gateway systems by dropping packets coming in the external interface that have a source of the internal network.

    •  27 Apr 2005 22:50

      Release Notes: Rules have been added to explicitly filter TCP packets with illegal flag combinations. Support has been added to the Allow Inbound section for mDNSResponder.

      •  15 Mar 2004 05:11

        Release Notes: This release adds support for allowing inbound connections to an NFS server and some additional minor cleanup items.

        •  25 May 2003 06:13

          Release Notes: This release adds an SSL option to the Web Server and Email options in the inbound services section. It also adds an option to the Port Forwarding feature to also redirect internal requests to the external IP to the internal system.

          •  11 Mar 2003 23:55

            Release Notes: This release adds two choices to the Allow Inbound Services option. One choice allows file transfers through the MSN Messenger instant messaging service. The other allows the user to specify a port or port rage (UDP, TCP, or both) to create custom rules.

            Recent comments

            13 Dec 2002 18:58 stratcat

            Re: FWgen: no line breaks
            Got it using save as text as you described.
            Thanks! Good work.

            E


            >
            > % Using Konqueror in MDK9, the FWgen
            > % produces
            > % a file without line breaks. Also does
            > % this
            > % in IE6 on Win2k.
            >
            >
            > I can't reproduce what you describe.
            > The program sets the MIME type to
            > text/plain when it returns the firewall.
            > I tested it just now from
            > http://morizot.net/firewall/gen/ using
            > both IE6 on W2K and Konqueror on Redhat
            > 7.3 and it returned the plain text
            > firewall as expected. I was able to
            > save it from both browsers. (I did have
            > to specify a text file in IE 6.)
            >
            > I suppose I need more information if I'm
            > going to be able to identify the
            > problem.
            >
            > Scott
            >


            06 Nov 2002 07:25 tmorizot

            Re: FWgen: no line breaks

            > Using Konqueror in MDK9, the FWgen
            > produces
            > a file without line breaks. Also does
            > this
            > in IE6 on Win2k.


            I can't reproduce what you describe. The program sets the MIME type to text/plain when it returns the firewall. I tested it just now from http://morizot.net/firewall/gen/ using both IE6 on W2K and Konqueror on Redhat 7.3 and it returned the plain text firewall as expected. I was able to save it from both browsers. (I did have to specify a text file in IE 6.)

            I suppose I need more information if I'm going to be able to identify the problem.

            Scott

            05 Nov 2002 23:05 stratcat

            FWgen: no line breaks
            Using Konqueror in MDK9, the FWgen produces
            a file without line breaks. Also does this
            in IE6 on Win2k.

            20 May 2002 07:44 tmorizot

            Re: Nicely done!

            > For the first time I have an iptables
            > protected system. I especially liked the
            > references embedded in the configuration
            > script.


            Thanks. I wanted to give people enough information embedded in the script so they could easily tweak it further on their own. I wanted to move from ipchains to iptables, but the only tools I could find were either fairly rudimentary or were complete firewall systems that you installed and then managed through their interface. So I wrote the sort of script generator I had hoped to find. Most of the work went into studying iptables. I'm glad you found it useful.

            Scott

            19 May 2002 20:12 vgivanovic

            Nicely done!
            For the first time I have an iptables protected system. I especially liked the references embedded in the configuration script.

            -- Vladimir

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.