Tag Archives: iptables

Vuurmuur 0.8 has been released

Posted on by

I’ve just pushed the 0.8 release. See my announcement here. Get it from github or the ftp server.

Largest changes:

  • ipv6 support using ip6tables
  • logging uses nflog – initial work by Fred Leeflang
  • connection logging and viewer
  • add rpfilter and improved helper support
  • a ‘dialog’ based setup wizard
  • single code base / package
  • massive code cleanup

I plan to continue to work on Vuurmuur, but it will likely remain at a low pace. Suricata development is simply taking too much of my time.

As a next big step, I’m thinking about making the leap to nftables. This would be quite a project, so I’m resisting it a bit. On the other hand, I would like to learn more about nftables as well.

Another thing I’ve been dreaming of is somehow integrating support for Suricata. Fully supporting Suricata would be a massive effort, but perhaps a simple enough integration. Probably starting with showing logs, setting some basic config options.

If you’d like to help with Vuurmuur development it would be great. It’s still written in C, but at least the code is a lot cleaner than in 0.7.

Vuurmuur 0.8beta4 released

Posted on by

I just released a new Vuurmuur version. The last release was in 2009, so it has been a while.

This release adds basic IPv6 support. The state of the IPv6 support is incomplete, but quite functional.

Supported features are:

– rules generation
– log viewing
– setting IPv6 addresses in hosts, networks and interfaces

Unsupported features are:

– connection viewer
– NAT
– blocklist
– IPv6 address to Vuurmuur name conversion in the log

I’ve been running it myself for a couple of months w/o major issues, so it should be safe to test.

Also new in this release is the support of NFLOG for the traffic log. This means no more cluttering of messages or other system logs. Much of this work has been done by Fred Leeflang.

It’s now also possible to use a “zone” directly in a rule. For Every network in that rule a set of iptables rules will be automatically be created.

Finally, for those that hate the blue background, you can now also set it to black. In vuurmuur_conf, go to “vuurmuur_conf settings” and enable “Use black background”. Restart vuurmuur_conf and you’re set!