[Firehol-support] (fwd) Re: what comes after firehol?

Mike Pountney Mike.Pountney at semantico.com
Tue Mar 13 15:09:17 GMT 2012

I'm happy to help in any way to keep Firehol alive, I use it extensively, and love how simple it makes our IPtables setup.

It would be great to get a version up on Github or similar. 

On 13 Mar 2012, at 13:56, Paul Fox wrote:

> phil -- count me in.  firehol is a nice piece of work, and
> i'm happy to help.
> just to remind folks -- costa did send a message to this list last
> june (below).  i assume phil has tried to contact him at the address
> he used then, and i've cc'ed him again now, just in case.  but clearly
> costa no longer has the time to devote to firehol.
> it would clearly be preferable for phil to be able to take over
> maintenance of firehol directly if costa were willing, but if we can't
> even get in touch, then a fork is the next best thing.
> paul
> costa wrote:
>> Date:    Wed, 29 Jun 2011 12:33:48 +0300
>> To:      Phil Whineray <phil.whineray at gmail.com>
>> cc:      firehol-support at lists.sourceforge.net
>> From:    Costa Tsaousis <costa at tsaousis.gr>
>> Subject: Re: [Firehol-support] what comes after firehol?
>> Hi all,
>> I am very pleased by your comments. Thank you very much.
>> As you have noticed it has been 3 years since the last release of
>> firehol. Although I have done enough commits fixing various bugs and
>> extending firehol, I did not manage to release anything. There are two
>> reasons for this:
>> a. Every new release needs an effort in documentation. I tried to
>> prepare a release once or twice during these 3 years, but I was unable
>> to complete the task.
>> b. Every new release attracts new users, demanding support, which
>> unfortunately I cannot provide to the extend required.
>> Currently firehol has 3 major issues:
>> 1. There is no ipv6 support
>> 2. It is very slow on very big firewalls (I have one with 10.000 rules,
>> that needs around 3 mins to get activated). There is a patch supplied at
>> sourceforge. It requires however extended testing.
>> 3. It should not depend on BASH. ASH is faster, lighter, runs on
>> embedded systems and could be used by firehol. ASH however lacks arrays,
>> a key feature for firehol. To run under ASH, firehol would need a
>> re-write of its core. Again, this would require extended testing.
>> Unfortunately, I cannot do all the work by myself.
>> If you would like to help, please send me a note. Firehol needs help to
>> stay alive.
>> In the mean time, I keep the cvs version of firehol always stable. I
>> suggest to use the cvs version instead of the released one. I always
>> update the CVS log properly too, so you can review what has changed or
>> fixed. I also fix bugs as soon as I get notified about them or add minor
>> features that do not require a major rewrite. These are the minimum
>> required to have a well maintained and secure firewall (firehol is
>> always well maintained - it is not "well released" though).
>> Regards,
>> Costa
>> part 2     text/plain                 377
>> ------------------------------------------------------------------------------
>> All of the data generated in your IT infrastructure is seriously valuable.
>> Why? It contains a definitive record of application performance, security 
>> threats, fraudulent activity, and more. Splunk takes this data and makes 
>> sense of it. IT sense. And common sense.
>> http://p.sf.net/sfu/splunk-d2d-c2part 3     text/plain                 176
>> _______________________________________________
>> Firehol-support mailing list
>> Firehol-support at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/firehol-support
> =---------------------
> paul fox, pgf at foxharp.boston.ma.us (arlington, ma, where it's 48.2 degrees)
> ------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/firehol-support

More information about the Firehol-support mailing list