Gibraltar is a Debian GNU/Linux-based router/firewall distribution, fully workable from a bootable, live CD-ROM. Log files can be stored on a hard disk, and configuration data is stored on a USB mass storage media or a floppy disk and kept on a RAM disk during run-time. Due to its Debian base, a vast manifold of firewalling, routing, and proxy packages is available. It comes with an intuitive, easy to use Web administration interface and support, and is free to use for home users.
|Tags||Security Internet Networking Firewalls Monitoring|
|Operating Systems||POSIX Linux|
Release Notes: This release has been updated to kernel 2.6 and a fresh base system based on Debian 5.0 (codename Lenny). Additional, notable changes and new features are full support for IPv6, policy routing setup via a Web interface with support for multiple default routes in fail-over as well as load-balancing configurations, layer7 match support to mark traffic based on protocols instead of ports, official support for WLAN interfaces, use of overlay filesystems and standard initramfs tools, and that OpenVPN can now be used without client certificates for direct integration with LDAP or Microsoft Active Directory.
Release Notes: Major new features in this release include official support for Snort as an intrusion detection system and full integration of the Puresight Enterprise variant for advanced user-based authorization and reporting. SSL Explorer plugins can now beinstalled. There were substantial improvements in traffic shaping performance, support for transparent virus scanning for HTTP, POP3, and FTP even without a hard disk, and the beginnings of full WLAN access point functionality.
Release Notes: This release introduces major new features: a dynamic content filter for HTTP based on Puresight, SSL-VPN with the SSL Explorer community addition, a captive portal based on Chillispot, an OpenVPN module in the Web administration interface, unified user management based on OpenLDAP and Freeradius that is now integrated with all services and allows optional use of Active Directory, a complete redesign of the traffic shaping module for more flexibility and complex scenarios, and various additions to the integrated Spamassassin.
Release Notes: This release adds three major new features: accounting/monitoring, anonymization, and failover. Many system and network parameters are now collected and stored in round-robin databases for detailed graphical analysis. Strong anonymization is provided by the integration of tor, anon-proxy/JAP, and freenet, to allow users to remain in control of their private connection data. "heartbeat" with improved scripts has been integrated for hot-standby failover. This will allow connections to remain open even during the failover, and is thus completely transparent to clients and servers.
Release Notes: This release significantly improves the speed of the Web interface, and solves a previous issue with license checks in high-bandwidth cases. An important change is the introduction of the TCP window tracking patch to the firewall code, which checks TCP connections much more thoroughly than before. Another change is that FreeS/WAN has been replaced with its successor Openswan, which uses compatible config files, so this replacement should not need any changes in current configurations.