Release Notes: All known bugs have been fixed. Support has been added for Debian Sarge and Red Hat FC[1-3] as "official" distributions to work with when generating init scripts. The ability has been added to just install the generated firewall script into /etc/init.d or /etc/pcx-firewall without starting it.
Release Notes: Update to cover the 2.2 config file version. All uses of disabled="false" in the paths, network entries, etc. are now active="true". An XSLT conversion script has been created to convert the version 2.1 config files to version 2.2.
Release Notes: Many bugfixes and improvements overall. onbeforeunload is used to prevent the loss of data when users click the Back Button, close the window, etc. The boolean select boxes are now checkboxes, which makes the interface much easier to use.
Release Notes: New Service definitions can now be imported from the template config file. Activating a generated firewall script now works as sudo is called.
Release Notes: The edit screens now try to detect when you have made changes and warn you when you are about to do something that would lose those changes. When deleting a Network, Zone, or Service entry, you are now prompted to delete any paths that are using them, thus making it easier to purge entries from the config file without having to manually track them down. There is a new sample config file (dynamic-template.xml) which is a very simplistic case.
Release Notes: snort-inline and bridged firewall support added. Multiple services and multiple interfaces can be specified for the i and o attributes on a per-path basis. Support for the Web frontend was implemented. Other bugs were fixed.
Release Notes: The generated shell script has been optimized (variables and functions are now used instead of hard coding interfaces, network addresses, and manipulation checks). A Network module has been added which keeps track of networks and hosts you define and outputs them as shell variables. You can now generate an init style script which is chkconfig capable.
Release Notes: The XML config file format was changed to 2.1 and proxy arp support was added, along with new zoneToZone paths for ipsec, DMZ, dialin, and external zones. A major bug in the convert.pl script was fixed, which affected DNAT and redirect paths that had multiple <info> entries defined (only the last one was being used for the dnatPort/redirectPort value). Some issues in VeryTight2 regarding NAT and the order of pathway precedence were also fixed.
Release Notes: This release has major updates to the XML config format. See the VeryTight.html documentation for complete details. There is a new <firewallToFirewall> path which will properly handle local DNAT and Redirect rules, but only if the kernel is patched with newNAT and localNAT patches from iptables P-O-M. There is a script provided to convert version 1.7 config files to the new version 2.0 format.
Release Notes: This release has been updated to use the PCXFireWall::Modules enhancement. The XML config version has been updated to 1.6, the specification of module="VeryTight2" is required when using VeryTight2. Configuration options to enable/disable ECN support on firewall startup have been added, as well as options for specifying whether your kernel is modular or not and whether you need the FTP and IRC conntrack/NAT modules loaded. Other cleanups were also done in regards to NAT and FORWARD generated rules when the only zone defined is external.