OSDN -- 开发和下载开源软件
简体中文翻译状态 translation status for zh

RSS
Download List

项目描述

Arno's IPTABLES Firewall Script is a secure stateful firewall for both single and multi-homed machines. It supports NAT and SNAT, port forwarding, ADSL ethernet modems with both static and dynamically assigned IPs, MAC address filtering, stealth port scan detection, DMZ support, protection against SYN/ICMP flooding, experimental IPv6 support, multi-interface/aliased-IP support, and extensive user definable logging with rate limiting to prevent log flooding. It has plugin support to add extra features (like SSH Brute Force protection and (Racoon) IPSEC support). It is easy to configure and highly customizable. A filter script that makes your firewall log more readable is also included.

系统要求

System requirement is not defined
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.

2011-01-06 21:08
2.0.0a

批量包装,在某些情况下,失败是固定的。旧版插件支持,所使用的PLUGIN_PATH变量被删除。一个问题时,IPV6_SUPPORT值已更改,这是一个'重新开始'其次是固定的。有一些化妆品的调整。
标签: Stable
Batch wrappers that failed in some cases were fixed. Legacy plugin support that used the PLUGIN_PATH variable was removed. An issue when the value of IPV6_SUPPORT was changed, and this was followed with a 'restart' was fixed. There were some cosmetic tweaks.

2010-11-19 06:40
2.0.0

IPv6的若干修正和调整。
标签: Stable
Several IPv6 fixes and tweaks.

2010-10-29 18:23
1.9.9-rc1

支持加入一个可选plugin_restart()使用一个新的插件模板插件功能。环境变量的ident用于插件。该IPV6_AUTO_CONFIGURATION变量添加到控制autoconf的时候IP_FORWARDING = 0。该IPV6_OVER_IPV4_SERVER变量是增加了对IPv6的过度IPv4的插件,限制的6to4源数据包。杂项进行了调整和修正。
标签: Unstable
Support was added for an optional plugin_restart() function in plugins using a new plugin template. The IDENT environment variable is used for plugins. The IPV6_AUTO_CONFIGURATION variable was added to control autoconf when IP_FORWARDING = 0. The IPV6_OVER_IPV4_SERVER variable was added for the ipv6-over-ipv4 plugin, restricting 6to4 source packets. Miscellaneous tweaks and fixes were done.

2010-10-12 21:06
1.9.9-beta1

实施完整的IPv6支持,再加上IPv4/IPv6混合模式。有许多的调整和修正。
标签: Unstable
Full IPv6 support was implemented, along with a mixed IPv4/IPv6 mode. There were many tweaks and fixes.

2010-08-31 23:41
1.9.2l

该sysctl_key()函数实现的,是对IPv6的检测,它修正了一个严重的安全问题使用。从现在起,所有变量都显式设置通配符的sysctl变量(如“net.ipv4.conf .*. rp_filter”),因为新的内核处理这些不同了。在“阻止主机”功能,增加了BLOCK_HOSTS_BIDIRECTIONAL选项来指定主机是否被阻止入站和出站(这是默认值)或仅入站。添加了一个选项以启用或禁用内部网和DMZ反欺骗。添加了一个选项来启用或关闭IGMP记录。杂项调整和修复了。
标签: major (security)
The sysctl_key() function was implemented and is used for IPv6 detection, which fixes a serious security issue. From now on, all variables are explicitly set for sysctl wildcard variables (like "net.ipv4.conf.*.rp_filter") since newer kernels handle those differently now. The "Blocked Host" feature adds the BLOCK_HOSTS_BIDIRECTIONAL option to specify whether hosts are blocked both inbound and outbound (which is the default) or inbound only. An option was added to enable or disable antispoofing for internal and DMZ nets. An option was added to enable or disable IGMP logging. Miscellaneous tweaks and fixes were made.

Project Resources

Project Page 首页