FireHOL

From Wikipedia, the free encyclopedia
Jump to: navigation, search
FireHOL
Developer(s) Costa Tsaousis
Stable release v1.297 / December 27, 2013; 6 months ago (2013-12-27)
Preview release v2.0.0-pre9 / June 8, 2014; 29 days ago (2014-06-08)
Development status Active
Written in Bash
Operating system Linux
Type Firewall
License GNU GPL v2
Website https://github.com/ktsaou/firehol, http://firehol.org/

FireHOL is a shell script designed as a wrapper for iptables written to easy the customization of the Linux kernel's firewall netfilter.

FireHOL does not have graphical user interface, but is configured through an easy to understand plain text configuration file. A further advantage of FireHOL is its friendliness to beginners - you don't have to worry about the answer packet because FireHOL first parses the configuration file and then sets the appropriate iptables rules to achieve the expected firewall behavior.

It is a large, complex BASH script file, depending on the iptables console tools rather than communicating with the kernel directly. This has the advantage of portability; any Linux system with iptables, BASH, and the appropriate tools can run it. Its main drawback is slower starting times, particularly on older systems. Since this delay only happens once per boot—or less, if the resulting rules are saved to disk—high performance for this is not generally important except in embedded systems.

FireHOL also benefits from the shell's flexibility, being easily extended and configured to a high degree; FireHOL's configuration files are fully functional BASH scripts in of themselves. One can write scripts in normal shell syntax and they will operate as expected; one might loop a FireHOL statement to forward an entire set of ports, for example.

FireHOL is free software and open-source, distributed under the terms of the GNU General Public License.

External links[edit]