Shoreline Firewall 220.127.116.11
Features at a glance
Key features include stateful packet filtering, supports an unlimited number of network interfaces, allows users to partition their network into zones, allows multiple zones per interface and multiple interfaces per zone, supports overlapping and nested zones, masquerading/SNAT, port forwarding (DNAT), one-to-one NAT, proxy ARP, and NETMAP.
Additionally, the software supports centralized firewall administration, features a web-based user interface via the powerful Webmin software, offers flexible address routing and management capabilities, traffic accounting, operational support, status monitoring, bridge/firewall support, as well as comprehensive documentation.
Supports many virtualization solutions
Shoreline Firewall also supports blacklisting of individual IP addresses, operational support, VPN support, Media Access Control (MAC) address verification, support for IPSEC, IPIP, OpenVPN, and GRE tunnels, and supports a wide range of virtualization solutions, including the popular VirtualBox, Xen, KVM, OpenVZ, LXC and Linux-Vserver.
Supports IPv4 and IPv6
Both IPv6 and IPv4 network protocols are supported by Shorewall, which can be downloaded from Softpedia in two editions, one for the IPv4 Internet protocol and another one for IPv6, as universal tarballs, running on both 64-bit and 32-bit hardware platforms. In addition, the program comes with a vast amount of informational commands.
Most GNU/Linux distros are supported
The application is officially supported on a wide range of GNU/Linux platforms, including Debian, openSUSE, Trustix, TurboLinux, SuSE Enterprise Linux Desktop, SuSE Enterprise Linux Server, Linux PPC, Fedora, Red Hat Enterprise Linux, Arch Linux, Slackware, LEAF/Bering, and any other RPM- or DEB-based operating system.
Reviewed by Marius Nestor, last updated on December 18th, 2014
In a hurry? Add it to your Download Basket!
- The configure scripts and installers now support SERVICEDIR as an alternative to SYSTEMD. For compatability, SERVICED is an alias for SERVICEDIR.
- The installers now offer a choice of .service files, selected by the SERVICEFILE option. The default remains $PRODUCT.service. Each product supplying a .service file now supplies a .service.214. The differences between the standard .service files and the service.214 files are: a) They specify 'after=network-online.target' rather than 'after=network.target'. b) The file shorewall-init.service.214 specifies 'before=network-pre.target' rather than 'before=network.target'. That file requires serviced 214 or later, hence the names of the new files. Regardless of which file is selected, it is installed in $SERVICEDIR/$PRODUCT.service.
- The RATE LIMIT column of the rules files now allows specification of both a per-source and per-destination limit. See shorewall-rules(5) for details.
- Previously, /bin/sh was used unconditionally to process the helper script 'getparams'. That shell script reads the params file and passes back the (variable,value) pairs to the compiler. Beginning with this release, $SHOREWALL_SHELL is used to process that script, unless the compilation is for export, in which case /bin/sh is still used. Note that the default value of $SHOREWALL_SHELL is /bin/sh, so unless your configuration sets that variable, this enhancement will have no effect. Similarly, on an administrative system, this enhancement has no effect on the processing of the 'compile -e', 'load', 'reload' and 'export' commands.
Application descriptionShoreline Firewall (Shorewall) is an open source command-line software written in UNIX shell and Perl, and design...