The rcf Linux Firewall (aka rc.firewall) is an ipchains-based firewall. With support for over 50 network service modules (including vtun, dhcp, nfs, smb, napster, proxies, online games, etc.), masquerading, port forwarding, and ip accounting. All services are self-contained modules which can be prioritized in the ipchains stack.
Protections include spoofing, stuffed routing/masquerading, DoS, smurf attacks, outgoing port scans, and many more. rcf also supports unlimited public, private (masqu'ed), dmz, and mz (non-masqu'ed) interface and their subnets.
Access rules are defined per interface and dmz/mz server "clusters". rcf is compatible with Red Hat, Slackware, Debian, Linux Router Project (LRP), and many other distros.
Provided several updates, including: contributing 260-spop3-servers, 220-winvnc-servers, 620-arcserve-hosts, and netstorm (online game) modules, fixed a typo in 530-snmp-clients, fixed cluster handling in 030-pptp-clients and 030-pptp-servers, patched service_rules.sh to allow private IPs on DMZ interfaces, added missing rules to allow traffic from public interfaces to the DMZ, added the
--refresh-interfaces command line option, and fixed the jump rule problem which prevented private IPs from connecting to public interface IPs.