Firehol

From ArchWiki
Jump to: navigation, search

FireHOL is a language (and a program to run it) to build secure, stateful firewalls from easy to understand, human-readable configuration files. The configuration stays readable even for very complex setups. In the background it interfaces with iptables (IPv4/IPv6).

Installation

Install fireholAUR or firehol-gitAUR.

Configuration

Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: stub (Discuss in Talk:Firehol#)

The configuration file is /etc/firehol/firehol.conf.

A good way to start learning its scripting declarations is by copying an Firehol example configuration.

The configuration file is bash file and has 3 parts:

  • helper
  • interface
  • router

Try, Run and Enable

You can test the configuration file's correctness by issuing:

# firehol try

or

# firehol nofast try

If the configuration is working, start/enable the firehol.service.

Tip: