Hi ALL, During the past 3 moths, I developed a tool called GIPTables Firewall. (ditribuited under the GNU General Public License)
GIPTables Firewall is a free set of shell scripts that helps you generate netfilter/iptables (www.netfilter.org) rules for Linux 2.4.x and newer kernels. It is very easy to configure and so far designed to run on hosts with one or two network cards (at this time). It doesn't require you to install any additional components to make it work with your Linux system. All you need to setup your firewall is iptables and GIPTables. GIPTables can be used very easy with a host that has only one network card, and this host can be a Linux server or a Linux workstation. It assumes that if your host has two network cards, then the host should be a Gateway Server that connects your INTERNAL private network to the EXTERNAL world (the Internet). Accesses from your internal network to the external world are automatically controlled and filtered by the SNAT feature of iptables and GIPTables. This is well known in the Linux world as MASQUERADING. In the other part, the DNAT feature of iptables and GIPTables automatically controls accesses from the Internet to your internal servers where the software wills forwards all specified incoming connections to your internal server. So, as you can see, it is designet for a well known configuration, and I think that this is the most widely used configuration nowadays. Also, it was designed to meet my requirements for my SOHO network. But all the time during developement I had in mind that if necesarry, it should be possible to be extented so that you can use it with as many network cards as you need, and also that it will make NAT only if you want. But those features will be available only in the future releases, and only if there are requirements for this kind of features from the users. Please visit GIPTables Firewall homepage www.giptables.org for more informations. Regards, Adrian Pascalau
