Lutel Firewall 0.99 review
DownloadLutelWall (formerly known as Lutel Firewall) is high-level linux firewall configuration tool
|
|
LutelWall (formerly known as Lutel Firewall) is high-level linux firewall configuration tool. It uses human-readable and easy to understand configuration to set up Netfilter in most secure way. Its flexibility allows firewall admins build from very simple, single-homed firewalls, to most complex ones - with multiple subnets, DMZ's and traffic redirections. It can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone system. Configuration method of this firewall is made to be as simple as possible without loosing Netfilter flexibility and its security facilities.
Here are some key features of "LutelFirewall":
flexible control over traffic using rule set
user-defined protocols support
support for any kind multiple external and internal interaces (and aliases)
automated MASQUERADE / SNAT support
easy to set up DNAT (transparent proxy, redirections to LAN/DMZ etc.)
rate limit extensions
packet marking for 3rd party shapers
TOS (Type of Service) traffic optimizer
both passive and active FTP support
DHCP support
can work as "workstation" firewa
stateful TCP connection tracking with restrictive TCP chain
blocking all stealth mode scans (FIN, Xmas Tree, Null, Windows scan or ACK scan modes (nmap -sF -sX -sN -sW -sA)
blocking IP protocol scans (nmap -sO)
blocking UDP scans (nmap -sU)
blocking identification via TCP/IP fingerprinting (nmap -O)
anti-spoof protection, including protection for aliases
anti-smurf protection
TCP SYN Flood protection
UDP / ICMP Flood protection
IANA reserved addresses checking
SYSCTL parameters set for increased strength
logging stealth scans (FIN, Xmas Tree, Null), ACK scan modes (nmap -sF -sX -sN), IP protocol scans (nmap -sO), UDP scans (nmap -sU), nmap fingerprinting attempts.
autodetect of connection type (static/dynamic, external/internal)
auto update of firewall tool
auto update IANA reserved list
display firewall statistics in iptables native, csv or html format
easy deployment on all distributions
What's New in This Release:
fixed iptables version checking
Lutel Firewall 0.99 search tags