Release Notes: This release adds the service eMule (for clients, servers, and routers), supporting the bi-directional socket environment required by the popular eDonkey network client.
Release Notes: This release fixes all reported problems related to NAT. FireHOL now fully supports DNAT, SNAT, REDIRECT, and MASQUERADE implemented as helper commands, and also the TRANSPARENT_SQUID helper for setting up transparent HTTP caches running on the firewall host (supporting transparent caching for traffic targeting, passing through, and originated from the firewall host).
Release Notes: The masquerade helper has been fixed to handle the 'reverse' keyword correctly and accept the network interface as expected.
Release Notes: This release adds support for NAT (SNAT, DNAT, and REDIRECT), support for the OWNER iptables module (user, group, session, and process), various error handler enhancements, support for runtime warnings (for missing kernel modules; it now runs on kernels compiled without modules), and a few workarounds for bugs in iptables-save (regarding the owner module).
Release Notes: In this release the services ping, AH (IPSEC), ESP (IPSEC), GRE, and microsoft_ds have been added, the action REJECT has been changed to be "smart" and send TCP RST on TCP and ICMP port unreachable on all other protocols, various speed optimizations have been applied, and a "transparent_squid" helper has been added to take care of port forwarding for setting up a transparent cache.
Release Notes: This release adds control over iptables REJECT actions using the 'with' optional rule parameter, the AMANDA and APCUPSDNIS services, a few error handler enhancements, updated documentation, and updated examples for ADSL-router, DMZ-server, DIALUP-router, and OFFICE workstation.
Release Notes: This release is mainly a security and bugfixing release. A potential security hole where an attacker could connect to any UDP port if in the configuration file there was a "client dns accept" and the attacker used source port 53, is fixed. A fix was made for a bug in the FTP service that prevented active FTP from working, NFS service now complains if it cannot find nfsd or mountd on the server's portmapper, a bug was fixed in the commandline arguments parsing when an alterate configuration file was given, and an interactive mode ('explain') was added where iptables rules generation is shown and explained.
Release Notes: This release is up to 10 times faster on complex firewall configurations, enables kernel routing automatically on router configurations, passes command line arguments to configuration files, has better control over iptables logging, loads required kernel modules during runtime, and protects the previous (running) firewall from being modified from the configuration file. Support has been added for the DHCP Relay, APTPROXY, APCUPSD, and ISAKMP services. The documentation now includes a tutorial on how to build a firewall using FireHOL.
Release Notes: This release fixes a last-minute typing error in 1.35 that made all protections generate errors. New documentation is now available.
Release Notes: This release supports protections on both interfaces of a router and better support for testing configuration files.