IP-Array is a Linux iptables firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, traffic shaping (creation of custom HTB and SFQ qdiscs, classes, and filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
|Tags||Security Networking Firewalls|
|Operating Systems||POSIX Linux|
|Implementation||Unix Shell bash|
Release Notes: Three bugs have been fixed.
Release Notes: This release fixes three important bugs and one minor bug.
Release Notes: Important bugs were fixed. iptables rule processing has been completely rewritten. The rule block definition is now template-based. This new core will allow very flexible rule definitions in upcoming releases. No configuration changes are necessary after upgrading. Performance was improved. There were other minor feature updates.
Release Notes: Output colours can be set by the user. New startup parameters: 'dry-run', 'save-tc-commands', and 'save-iptables-commands'. Saving of sysctl commands to a file has been added. Interface classifying chains are now also created in the mangle table. Support for non case-sensitive configuration values, at places where it makes sense and the called program supports them, has been added. New cburst and mtu options as 'tc class' creation parameters. Various changes to the program output have been made. Many functions contain code improvements. Some bugs were fixed.
Release Notes: This release brings new startup parameters and configuration options, more user input validation, more detailed output, improved program logic and runtime speed, and some bugfixes.