what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 30

Files from Costa Tsaousis

FireHOL 3.1.7

Posted Jan 1, 2021

Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Fix dhcpv6 example to say dhcpv6. Various blacklist updates.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | cebc65cd784a3499c0dfa8e28d654545

Download | Favorite | View

FireHOL 3.1.6

Posted Aug 13, 2018

Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Multiple fixes added to FireHOL. FireQOS had a status fix and has updated sample service definitions to start after network. Various other components were updated as well.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 4a8ce84950cf1303fa4ad1ff8c5f424a

Download | Favorite | View

FireHOL 3.1.5

Posted Sep 19, 2017

Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Various updates.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 71dc0c94deda27fc5f2579a511566aea

Download | Favorite | View

FireHOL 3.1.4

Posted Aug 20, 2017

Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Google hangouts port range fix. Fixed hashlimit option names. Various other updates.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | c58707b903c52d66875ebe26b752501a

Download | Favorite | View

FireHOL 3.1.3

Posted Feb 18, 2017

Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: More strict when detecting address ranges. Bug fixes.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 4625f41fc615fd0243b7060535852e2c

Download | Favorite | View

FireHOL 3.1.2

Posted Feb 8, 2017

Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Included user policies in chains before handling orphans. Saved firewall contents made reproducible by always zeroing counters and removing the dates from comments. Various other updates.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | f6d1f099872da8b6af258b67e4e51189

Download | Favorite | View

FireHOL 3.1.1

Posted Jan 10, 2017

Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: VNetBuild dropped ksh support. Added urandom.us.to list. Added dataplane.org SIP Invitation and SIP Registration feeds. Various other updates.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 353093b52df5bc1c5432816293400373

Download | Favorite | View

FireHOL 3.1.0

Posted Nov 29, 2016

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Rework installation to make full use of autoconf results in all programs. Option to disable wizard added. Various other updates and improvements.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 57beb36c4bd81f20966928a4fb627d11

Download | Favorite | View

FireHOL 3.0.2

Posted Nov 23, 2016

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Fixed transparent_proxy IPV6 output. Added manual page for cthelper. Added connlimit to blacklist and iptrap. Added stateful option to blacklist. Various other updates and improvements.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 1f24ed2af728ba73cdf9e51337f2d43b

Download | Favorite | View

FireHOL 3.0.1

Posted Jan 11, 2016

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Added ipv6mld to simplify enabling Multicast Listener Discovery in FireHOL. Added pre_up to run commands immediately before an interface is started in VNetBuild. Various other improvements.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 1b458dd49cd249a45ba330ace516d053

Download | Favorite | View

FireHOL 3.0.0

Posted Dec 20, 2015

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Bidirectional fixes. Now accepts parameters case insensitive. Various other improvements.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 0f4bed6175e71065ee74bd140436f09e

Download | Favorite | View

FireHOL 2.0.3

Posted Apr 27, 2015

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Fix added to avoid errors when using physin/physout. Note that these parameters are only useful when the traffic travels over a single bridge. Fix added to handle tc output on some systems, courtesy of Phineas Gage.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 4aa871bd39ecb53b40e86f0efb4b677a

Download | Favorite | View

FireHOL 2.0.2

Posted Mar 6, 2015

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Added option --disable-doc to configure script. Fix to ensure the final firewall close code emits as both ipv4 and ipv6 where appropriate even if only ipv4 or ipv6 was used for the final interface/router.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 424f39588853c8685db6eda6d3867fbf

Download | Favorite | View

FireHOL 2.0.1

Posted Feb 16, 2015

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: A couple of bug fixes have been addressed.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 673fa39d4166de831637df086fbfcc13

Download | Favorite | View

FireHOL 2.0.0

Posted Oct 27, 2014

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Various updates.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 585f0ab3c84672a26472379aa7eefb5b

Download | Favorite | View

FireHOL 1.297

Posted Dec 27, 2013

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Removed adsense from offline manual pages. Fixed permissions on a couple of examples.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 1a04fe45e6f8bfae8eb6fc0b2effa79b

Download | Favorite | View

Sanewall 1.1.6

Posted Nov 6, 2013

Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: Various minor improvement.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | ce046b15678cf7186c9f1179cd43bccb

Download | Favorite | View

FireHOL 1.296

Posted Oct 18, 2013

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: See changelog.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 7b634a0e1a338acfa782e6dca1adf5b7

Download | Favorite | View

Sanewall 1.1.4

Posted Jul 9, 2013

Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: "sanewall save" now creates two files, which is what most init systems expect. "sanewall status" now identifies which blocks are IPv6 or IPv4. "sanewall condrestart" now follows convention by only restarting if already running. Various programs and files are now detected at configure-time rather than run-time.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 47d350a962fe74282bbe4b320b20d41d

Download | Favorite | View

Sanewall 1.1.3

Posted Jun 6, 2013

Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: This release fixes IPv4/IPv6 auto-detection so it is not confused by VLAN interface names such as eth0.22.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | ca8318fb972971e07bf7f15fe41080d1

Download | Favorite | View

Sanewall 1.0.2

Posted May 14, 2013

Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: Fixes kernel version detection per 1.0.2. The configure script makes sanewall executable. The unconfigured sanewall.in issues a warning when it is run directly. The configure script now sets /usr/local/etc as the location for Sanewall to look in as well as store configuration files in if --sysconfdir is not given, solving bug 78. There is a switch to enable debug output. Handles domain names that refer to records that are IPv4, IPv6, or both. Fixes protection against direct use of /sbin/iptables and /sbin/ip6tables that was broken from 1.1.0.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | d9675c2f5f7c441c1709a85ae8213b73

Download | Favorite | View

Sanewall 1.1.1

Posted May 7, 2013

Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: When startup fails, both IPv4 and IPv6 firewalls are correctly restored. A regression test framework has been added. This release fixes the "mac" helper command for versions of iptables 1.4.12+ per 1.0.1, and also prevents MAC addresses being seen as IPv6 addresses.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 6da2d55102f712db5bc6395ce3325801

Download | Favorite | View

Sanewall 1.1.0

Posted May 1, 2013

Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: This development version includes the latest IPv4/IPv6 abstraction code. Please see the README to get started and for known issues, and report any problems to the mailing list.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 3a84eeded9210583a60675cae4791ebd

Download | Favorite | View

Sanewall 1.0.0

Posted Apr 25, 2013

Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

tags | tool, spoof, firewall

systems | linux, unix

MD5 | 83bb57e896d8d4d5b95557d3f742bff0

Download | Favorite | View

firehol-1.273.tar.bz2

Posted Jul 31, 2008

Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: See changelog.

tags | tool, spoof, firewall

systems | linux

MD5 | cbbe1ba21cf44955827d5c906a55aa21

Download | Favorite | View