B. Watson 8e8dbd376c network/firehol: Wrap README at 72 columns. 2 anni fa
..
README 8e8dbd376c network/firehol: Wrap README at 72 columns. 2 anni fa
doinst.sh b5793a1e3c network/firehol: Added to 12.1 repository 14 anni fa
firehol.SlackBuild 63daf9f79a All: Support $PRINT_PACKAGE_NAME env var 3 anni fa
firehol.conf b5793a1e3c network/firehol: Added to 12.1 repository 14 anni fa
firehol.info f6d01d01be network/firehol: Mirror download url. 6 anni fa
rc.firehol b5793a1e3c network/firehol: Added to 12.1 repository 14 anni fa
slack-desc 610e8461bb various: Fix slack-desc formatting and comment nit picks. 11 anni fa

README

firehol is an easy to use but powerful iptables stateful firewall
for humans.

FireHOL uses an extremely simple but powerfull way to define firewall
rules which it turns into complete stateful iptables firewalls.
FireHOL is a generic firewall generator, meaning that you can design
any kind of local or routing stateful packet filtering firewalls with
ease.

You can run FireHOL with the 'helpme' argument, to get a configuration
file for the system run, which you can modify according to your needs.

You can find example config files in
/usr/doc/firehol-/examples. This directory contains examples from
a simple client machine, to a lan-wan gateway or an office server.

The default config file in the package contains only a note about
where to find config file examples (/usr/doc/firehol-/examples),
because it is empty it is not handled as a usual config file. If a
user has a real one, this "example" is simply deleted.

There is a get-iana.sh script to fetch reserved IPs from iana, It is
renamed to firehol-get-iana, and placed to /usr/sbin. You have to run
it at least once, to silence firehol startup warnings about missing
files.

There is an adblock.sh script to fetch the IPs of popular add servers,
which can be blacklisted, see the file for the details. It is renamed to
firehol-adblock and it is in /usr/sbin.

In addition to the man pages there is a full html documentation in
/usr/doc/firehol-/html

---

For example this is a sample firewall for simple home machine with samba
and ssh:

>version 5
>
>interface any world
> policy reject
>
> server dns accept
> server dhcp accept
> server icmp accept
> server ssh accept
> server samba accept
>
> client all accept

---

This is a stripped down home server and router configuration (for a
sophisticated version of this file see /usr/doc/firehol)

>version 5
>
>interface eth0 home
> server "dns ftp samba squid dhcp http ssh icmp" accept
> client "samba icmp" accept
>
>interface ppp+ internet
> server "smtp http ftp" accept
> client allaccept
>
>router home2internet inface eth0 outface ppp+
> route all accept