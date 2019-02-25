Versie 0.8 van Vuurmuur is uitgekomen, ongeveer tien jaar nadat de ontwikkeling ervan begonnen is. Deze firewall moet het configureren van netfilter en ip-tables eenvoudiger maken. Via de interface kunnen rules, hosts, groups, zones, interfaces en services worden aangeven en de logbestanden in realtime worden uitgelezen. Meer over de mogelijkheden van Vuurmuur kan op deze pagina worden gevonden. De release notes voor deze uitgave kunnen hieronder worden gevonden.

I’ve just pushed the 0.8 release. See my announcement here. Get it from github or the ftp server.

Largest changes:

ipv6 support using ip6tables

logging uses nflog – initial work by Fred Leeflang

connection logging and viewer

add rpfilter and improved helper support

a ‘dialog’ based setup wizard

single code base / package

massive code cleanup

I plan to continue to work on Vuurmuur, but it will likely remain at a low pace. Suricata development is simply taking too much of my time.

As a next big step, I’m thinking about making the leap to nftables. This would be quite a project, so I’m resisting it a bit. On the other hand, I would like to learn more about nftables as well.

Another thing I’ve been dreaming of is somehow integrating support for Suricata. Fully supporting Suricata would be a massive effort, but perhaps a simple enough integration. Probably starting with showing logs, setting some basic config options.

If you’d like to help with Vuurmuur development it would be great. It’s still written in C, but at least the code is a lot cleaner than in 0.7.