Projects / Firewall Builder

Firewall Builder

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Operating Systems

RSS Recent releases

  •  28 Mar 2012 21:15

Release Notes: Packages for Windows and Mac OS X are now distributed under the GPL, and the source code includes all files necessary to build on Linux, *BSD, Windows, and Mac OS X. This release also includes a few bugfixes in the policy compiler for iptables and for the build problem on Gentoo.

  •  23 Dec 2011 23:38

Release Notes: This release includes improvements in the design of the installer dialog to let users start in non-batch install mode but continue in batch install mode later; improvements in support for iptables configurations for bridging Linux firewalls; fixes for several GUI crashes; policy compilers now correctly handle /31 subnets.

Release Notes: This release includes multiple GUI enhancements and improved support for large configurations with new features like user defined subfolders, keywords for tagging objects, dynamic groups with smart filters, and more. Other new features include support for importing PF configuration files and a new object type called Attached Networks, which represents the list of networks connected to a network interface.

  •  10 May 2011 21:03

Release Notes: This version fixes bugs in the built-installer batch install mode, SNMP network discovery wizard, and few minor bugs in the GUI.

  •  21 Apr 2011 04:57

Release Notes: This version significantly improves importation of existing firewall configurations and introduces support for importing Cisco ASA/PIX/FWSM configuration and de-duplication of imported objects. Support for the configuration of bridge and VLAN interfaces and static routes on FreeBSD was added, and it is now possible to generate configuration in the format of rc.conf files. The latest versions of Cisco ASA software are now supported, including the new command syntax for NAT commands in ASA 8.3. The speed of rule compilation has been improved, and is especially noticeable on very large data files.

RSS Recent comments

25 Aug 2010 06:16 vkurland

We have created an online User Survey so you can tell us how we
are doing and help us prioritize the features we are working
on.  Our goal is to provide the best multi-vendor firewall
configuration solution available.  Your input is very valuable to
us, so we would appreciate your taking a few moments to complete
this survey (link below). The survey is anonymous and should take
less than 10 minutes to complete.

Thanks for helping us continue to improve Firewall Builder!

23 Jul 2009 04:27 sharif_aly Thumbs down

Its cost 79$ for windows and current download is 30 day limited time.

16 Apr 2002 11:35 vkurland

Re: Distributed firewalls

you can intall and activate firewall policy if you use one of the install scripts available in the Contrib area on our sourceforge page. See FAQ 4.1

16 Apr 2002 10:07 blockall

Distributed firewalls
Any chance you would implement the possibility to push one ruleset to a firewall module (maybe via ssh?) and restart the module and check status?
It would really give a kick to the application (which I really enjoy). And maybe support clustered firewalls?

10 Apr 2002 14:31 vkurland

Re: On FreeBSD

> Installation on a FreeBSD however
> requires some insight. Add some FAQs
> around this subject and fwbuilder would
> definitily get more focus on the FreeBSD
> platform.

we are working out last portability issues in the API library and the GUI. A section about building on FreeBSD will be added to the Requirements document at the time of the next release (1.0.2)


Project Spotlight

MUltihost SSH Wrapper

Broadcasts commands over SSH to multiple hosts.


Project Spotlight


A PHP class for modifying Zip archives without extensions or temporary files.