Jay's Iptables Firewall 1.0.5
Jay's Iptables Firewall is a bash script that lets you easily install and configure a firewall on a Linux system.
The basic features are sharing internet over a LAN, forwarding TCP or UDP ports over the LAN (for programs which require to be directly connected to Internet (to receive files by ICQ, eDonkey, KaZaA, ...)), log for prohibited accesses and more.
The firewall is very restrictive "All incoming traffic is blocked except ...". It carries out a filtering of the IP, TCP, UDP, and ICMP headers. Protect from DDOS (Distributed Denial Of Services) attacks, Smurf attacks (participation to a DDOS), Invalid IP sources and much more).
The configuration of the firewall is assisted by an interactive configuration tool.
You should be able to use the "firewall-config.pl" script for a interactive configuration, or use "firewall-config.pl -g" to generate a empty configuration's file and configure it by hand.
Here are some key features of "Jay s Iptables Firewall":
· Access control to TCP/UDP ports
· TCP/UDP Flags Control
· ICMP Control
· UDP/TCP ports forwarding
· Synflood Control (Distributed Denial Of Services)
· Spoofing Control (Bad source ips)
· Denying hosts (IP/MAC)
· Spywares ip list included
· NAT/Masquerading (Internet sharing over a LAN)
· Support for tunneling with restricted access on ports (like vtund)
· Support for multiple internal interfaces
· Support for multiple external interfaces
· Setting up Type Of Service (TOS)
· Support for custom rules
· Support for Pre/Post scripts
· Support for ZorbIPTraffic
· Log of bad tentatives
· A kernel >= 2.4
· Dialog >= 0.9a-20020309a
· For Debian:
dpkg -i firewall-jay-x.y.z.deb
rpm -Uvh firewall-jay-x.y.z.rpm
· All distributions:
tar xzf firewall-jay-x.y.z.tar.gz
What's New in This Release:
· fixed the "Couldn't load target `JAY_CHECK_TCP'" bug.
· fixed the "ALLOWED_PING doesn't work anymore" bug.