Gibraltar Firewall 3.1
It’s distributed as a dual-arch Live CD
The project is distributed as a dual-arch Live CD ISO image that supports 32-bit and 64-bit hardware platforms. It requires no disk installation and uses a specially hardened Linux kernel. Support for English, German and Finnish languages is included. The ISO image fits perfectly on a CD disc or a USB thumb drive.
Features support for numerous network technologies
The distribution featurs support for numerous network technologies, including Ethernet 10/100/1000 MBit/s (DHCP or static), ADSL Ethernet modems (PPTP and PPP over Ethernet), ADSL USB modems (PPP over ATM), Modem dial in (USB and Serial), as well as virtual IP addresses. It supports an unlimited number for network interfaces.
Offers stateful packet inspection
Gibraltar Firewall offers stateful packet inspection, supporting the ICMP, TCP, UDP, GRE, ESP, AH and IPv4-over-IPv6 protocols, flexible packet filter, NAT (Network Address Translation), PAT (Port Address Translation), DoS/flood protection, selective TTL manipulation, protocol pass through
Free definition of aliases and groups: addresses and ports and randomized IP sequencing.
Offers deep packet inspection
The distribution offers deep packet inspection, including email attachment blocking, email block lists, spam protection, transparent HTTP proxy, user authentication via LDAP, user list or Active Directory, content caching and scanning, transparent incoming/outgoing FTP proxy, as well as transparent POP3 proxy that offers spam protection, antivirus and protection against dangerous attachments.
Supports additional services
Another interesting features is the ability to support additional services, such as Dynamic DNS, DHCP server, secure DNS resolve, SSL wrapper for arbitrary services, portscan detection, anti-spam filter (Bayes, rule based, Razor, DCC
and RBL), ClamAV virus scanner, and Kaspersky virus scanner (optional).
Reviewed by Marius Nestor, last updated on August 22nd, 2014
In a hurry? Add it to your Download Basket!
- The /var/tmp directory can now optionally reside on the harddisk (if used) instead of being mounted as tmpfs. This is required when using the Avira engine, as it consumes more space in /tmp (but less system memory compared to Kaspersky).
- Bugfixes in the connection-manager to better re-start IPsec connections in some corner cases.
- Optimized execution time of main firewall script by removing general loops for chain creation and letting the web interface only create those chains required for the specific rule set.
- Recompiled strongswan (IPsec IKEv1 and IKEv2 daemon) to support NAT- traversal for transport mode connections to support VPNs from iPhone and Android mobile devices.
Application descriptionGibraltar Firewall is an open source firewall and router project based on Debian/GNU Linux. It perfectly meets all ind...