[Firehol-support] what comes after firehol?

Phil Whineray phil.whineray at gmail.com
Sun Jun 12 15:15:22 BST 2011

On 12 June 2011 12:45, Klaus Kruse <kkruse.1987 at googlemail.com> wrote:
> Am 12.06.2011 13:27, schrieb Harry Sufehmi:
>> On 6/12/11, John Dalton <john at johndalton.info> wrote:
>>> The lack of releases hasn't bothered me - it's stable and mature, and
>>> one of the first things I install on every host.
>> Absolutely agree.
>> I've yet to find another firewall product that's :
>> 1. Very accessible & easy to maintain over a SLOW ssh connection
>> 2. Very easy to use, yet
>> 3. Very versatile, and
>> 4. Very stable & dependable
>> 5. Almost zero dependency - it doesn't require you to install this
>> library & that library & apache & php & etc. Just bash & iptables.
>> firehol is a rarity in the software world. Not many other software is
>> able to achieve even point 2 to 4.
> You all are absolutely right, firehol is small, flexible and (most
> important!) super-easy to use. I'm just a student of sociology and have
> no deep knowledge of networking. But with firehol, configuring a
> three-network-interfaces homeserver with a lot of services just...works.
> I would really like to see IPv6-support, as this will become important.
> Just this and I'll be happy for the next decade :)

A while back I created a git repository which adds IPv6 support. If you:
  git clone git://repo.or.cz/fireholvi

You can try a version with mixed IPv4/IPv6 support. I suggest checking the
rules output by hand before using them in production but it fullfills all
my needs.

There's also a cvs-mirror branch which tracks the official CVS repo if
that's useful to anyone.


More information about the Firehol-support mailing list