Go to file
Brie Bruns 423f6caff4 Add information for release 2021-09-02 15:41:37 -06:00
bin Add IPTABLESOPT 2021-04-17 16:30:22 -06:00
debian More debian package changes 2014-04-12 18:10:32 +00:00
doc Added initscript 2014-04-13 17:21:38 +00:00
etc Refactor NETMAP a bit so it allows more flexibility with src and dst. Requires that the custom field starts with the --to address. 2020-01-01 12:53:42 -07:00
lib no message 2020-04-09 10:46:13 -06:00
CHANGELOG Release 2.2.1 2021-04-17 16:49:43 -06:00
INSTALL Update information for release 2021-09-02 15:33:38 -06:00
LICENSE 2014-04-09 02:11:35 +00:00
Makefile 2014-04-13 16:38:08 +00:00
README Add information for release 2021-09-02 15:41:37 -06:00
release.json Add information for release 2021-09-02 15:37:32 -06:00

README

SRFirewall v2.2.1
http://www.sosdg.org/freestuff/firewall
Written by: Brielle Bruns <bruns@2mbit.com>

SRFirewall is a complete rewrite of Firewall/SOSDG v1.1, from scratch,
with a completely new and reorganized config and file layout.

Configuration Examples:
http://www.sosdg.org/software/srfirewall/examples
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

I've spent years manually configuring and building scripts for new
machines, usually single use.  The existing firewall scripts, like
ipkungfu, were great, but either lacked features, or lacked IPv6
support.  I'd have to spend days working around oddities and hacking in
support for new features.

It wasn't until around 2009 that I decided to stop the constant
'reinventing the wheel' and make a single package that suited my needs
well, and could be reused when needed.  The result was Firewall/SOSDG -
a firewall script, written completely in bash scripting, and could run
on most distros with the least amount of hassle.

Sure, it was rather clumsy, and I had to rework config files multiple
times to add support for new features - but, in the end, it was
something that I built to my needs.

Fast forward to v1.0.  The script had matured, was functional, but had
some major issues with design that just wouldn't work well in the long
term.  I put off any kind of redesign for a while, eventually quietly
releasing v1.1 to fix some minor bugs.  No further changes have been
done since, as I have no desire to keep maintaining that old code.

I was going to release a v2.0 of the script, reengineer the main config
system but keep the same general backend script.  After looking through
the code, I got frustrated and decided the time was right to start over.

Enter SRFirewall - a new name chosen because I wanted something new to
represent the work I would be putting into rebuilding the code.