v3.1.7 / December 31, 2020
v3.1.5-rc1 / September 17, 2017
|License||GNU GPL v2+|
FireHOL does not have graphical user interface, but is configured through an easy to understand plain text configuration file. A further advantage of FireHOL is its friendliness to beginners - you don't have to worry about the answer packet because FireHOL first parses the configuration file and then sets the appropriate iptables rules to achieve the expected firewall behavior.
It is a large, complex BASH script file, depending on the iptables console tools rather than communicating with the kernel directly. This has the advantage of portability; any Linux system with iptables, BASH, and the appropriate tools can run it. Its main drawback is slower starting times, particularly on older systems. Since this delay only happens once per boot—or less, if the resulting rules are saved to disk—high performance for this is not generally important except in embedded systems.
FireHOL also benefits from the shell's flexibility, being easily extended and configured to a high degree; FireHOL's configuration files are fully functional BASH scripts in of themselves. One can write scripts in normal shell syntax and they will operate as expected; one might loop a FireHOL statement to forward an entire set of ports, for example.