From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Developer(s)Costa Tsaousis
Stable release
v3.1.7 / December 31, 2020; 3 months ago (2020-12-31)
Preview release
v3.1.5-rc1 / September 17, 2017; 3 years ago (2017-09-17)
Repository Edit this at Wikidata
Written inBash
Operating systemLinux
LicenseGNU GPL v2+

FireHOL is a shell script designed as a wrapper for iptables written to ease the customization of the Linux kernel's firewall netfilter.

FireHOL does not have graphical user interface, but is configured through an easy to understand plain text configuration file. A further advantage of FireHOL is its friendliness to beginners - you don't have to worry about the answer packet because FireHOL first parses the configuration file and then sets the appropriate iptables rules to achieve the expected firewall behavior.

It is a large, complex BASH script file, depending on the iptables console tools rather than communicating with the kernel directly. This has the advantage of portability; any Linux system with iptables, BASH, and the appropriate tools can run it. Its main drawback is slower starting times, particularly on older systems. Since this delay only happens once per boot—or less, if the resulting rules are saved to disk—high performance for this is not generally important except in embedded systems.

FireHOL also benefits from the shell's flexibility, being easily extended and configured to a high degree; FireHOL's configuration files are fully functional BASH scripts in of themselves. One can write scripts in normal shell syntax and they will operate as expected; one might loop a FireHOL statement to forward an entire set of ports, for example.

FireHOL is free software and open-source, distributed under the terms of the GNU General Public License.

External links[edit]