Simple Firewall for Gentoo

Well, I just needed a simple firewall script for Gentoo. As most of the simple ones in the wild are missing some features I wanted, I wrote one on my own. In the hope it will be helpful to somebody else, here it is.

Features

  • IPv4 and IPv6
  • Usable with multiple public IPs
  • Simple configuration file
  • Spoofing protection for local IPs
  • Versatile and correct ICMPv4/ICMPv6 filtering with rate limiting
  • Simple banning of SSH robots
  • IPsec AH/ESP handling with some DoS and spoofing protection
  • Simple masquerading of IPsec traffic

Planned Features

  • Versatile logging features
  • Command to retrieve statistics (recent and spoofing tables, hit counters) in a fancy way

Contents

  • /etc/init.d/firewall
  • /etc/conf.d/firewall

Install

To install, simply copy the files to the correct place and start the firewall with

Configuration

Well … it’s simple. Just take a look at the configuration file. It only has three parameters, which should be self-explanatory.

License

The code is licensed under GPLv2.

Download

You can download the archive or just copy the code below.

Code

 

 
