To configure and manage a firewall based on netfilter/iptables, you can use the program vuurmuur. This program makes a system administrator's life a little easier by taking the complexity of configuring netfilter off their hands. Through the included interface you can clearly define rules, hosts, groups, zones, interfaces and services, and read the log files in real time. For an overview of a number of screenshots, we refer you to this page. The developers have released vuurmuur 0.5.73 with the following announcement:
Hi everyone,
After the new site at http://www.vuurmuur.org/ I'm now pleased to announce Vuurmuur version 0.5.73. This release both adds a number of new features and fixes a lot of bugs. To start with the latter, many bugs in the log and connection management were fixed. Also, Vuurmuur can handle systems with nf_conntrack much better. There were lots of smaller fixes all over the program.
In the new feature department there is support for NFQUEUE (which is nice if you run Snort_inline), rule limits that are now optional for all rules, and limits that can also be limited in minutes, hours or days.
I've pasted the full changelog below.
Regards,
Victor
Version 0.5.73:
Version 0.5.73 alpha 7:
- update links to reflect new site
- fix a number of support scripts not working when /bin/sh didn't point to bash
- fix a few stats in the status window
- fix a parse bug in the logview management
Version 0.5.73 alpha 6:
- Memory problems (corruption & leaks) in the connection viewer were fixed.
- Russian translation updated by Alex.
Version 0.5.73 alpha 5:
- Add a separate message for when a user wants to apply changes when the Vuurmuur daemon is not running.
- Add support for conntrack 'unknown' lines with unreplied state.
Version 0.5.73 alpha 4:
- Fix in_int and out_int not working in rules from and to the firewall. Thanks for reporting Jorijn.
- Updated Dutch translation.
Version 0.5.73 alpha 3:
- Add the option to limit rules per minute, hour and day.
- Allow limit option for all rules.
- Fix for the prevention of duplicate NFQUEUE rules.
- Make sure only one set of rules is created per queue number in the NFQUEUE chains. This prevents lots of unneeded and ineffective rules.
Version 0.5.73 alpha 2:
- Added support for NFQUEUE
- Fixed loading of modules and checking of capabilities on more recent systems.
- Removed the obsolete markiptstate option.
Version 0.5.73 alpha 1:
- Fixed the killing of grouped connections.
- Fixed the Debian initscript for systems not linking /bin/sh to /bin/bash
- Fixed the killing of DNAT/PORTFW connections.