WallFire 0.9.8

WallFire is a very general and modular firewalling application based on Netfilter or any kind of low-level framework.
WallFire is a very general and modular firewalling application based on Netfilter or any kind of low-level framework.

It will enable to manage every aspect of a firewall administration, from configuration to monitoring, intrusion detection, etc...
WallFire will provide command line and interactive tools as well as X Window or Web front-ends.

WallFire is "libre" (free as a speech, in English) software. It is mainly written in C++ and is intended to run on every *nix system.

WallFire is a package that is composed of:

a server side:
wfpolicyd, a daemon which can run on any host and centralises the rules and policy management
wfcommitd, a daemon which runs on the firewall(s) itself and commits the firewalling rules, whatever platform it is running on and whatever tools are available on the latter.
So you will need to run a wfcommitd daemon on each firewall, but only one wfpolicyd for a whole site.
a client side:
some libraries (for example wfnetobjs) on which every operation relies
wfconvert, the tool which imports/translates rules from/to any supported firewalling language
wflogs, the log analysis and reporting tool
wfadmin, the administration shell tool
xwfadmin, the X (Qt) administration front-end, which is useful, but not compulsory
webfire, the Web administration interface (in PHP).

Of course, client and server parts can (should?) be run on different hosts. All communications will be authentificated and encrypted (via SSL). Every data (network objects, rules, logs) will be importable/exportable in XML.

So far, the things that have been implemented are: some libraries (wfnetobjs for example), the wfconvert (which is quite functionnal now) and wflogs (which is mature and fully functionnal) commands.

Note that wfconvert and wflogs can be used locally, independantly of other WallFire tools.

What's New in This Release:

· Improved matching of netfilter and ipfilter input modules.
· Added support for Cisco FWSM (PIX).
· Improved netfilter parsing.
· Compilation fixes for *BSD.
· Added wflogs.dtd.
· Added wfchkintegrity tool, which enables to monitor changes in the firewalling configuration.

last updated on:
July 13th, 2006, 23:05 GMT
license type:
GPL (GNU General Public License) 
developed by:
Hervé Eychenne
ROOT \ System \ Networking
Download Button

In a hurry? Add it to your Download Basket!

user rating 1



Rate it!

Add your review!