myfw 1.5 review

by on

myfw is firewall based on iptables snipets (modules)

License: LGPL (GNU Lesser General Public License)
File size: 53K
Developer: Xavier Renaut
0 stars award from

myfw is firewall based on iptables snipets (modules). myfw project helps you to build your iptables firewall.

A configuration is listing ``modules'', which are containing iptables rules. Thoses modules can contain perl code, in order to facilitate writing of rules (think foreach @ntp_servers). They can also contain raw iptables commands for kick and easy start.

Configs can be pre-defined, which is useful if you have multiple machines that need the same firewall rules.

myfw also generate ipac-ng rules, according to iptables chains inserted.


to start : ./base

to stop :
./base stop

-a : accept default rule instead of drop. usefull for debug in case the execution is half borked

-d : show unprocessed commands (with variables names) (good for debug) -e : show iptables commands -c : yet another debug : show what is evaluated -l : debug parse -v : level debug -f : don't touch forward (/proc/sys/net/ipv4/ip_forward) in case of fw failure -o : no cmd-owner -s : use this special config file -i : no ipac at all old : no domain ipac (good for slow machines, shorter startup time) -i should not use ipac at all (or add another option) -r : yet another debug -t : use iptables-restore mode (does not work on woody : --sport invalid ..??) -n : no execute, just try the script

-p : print config -m

myfw 1.5 search tags