This is a bugfix release, opening the way for bigger changes in 3.1.x.
Website SSL certificates are now from Let's Encrypt.
There's some fairly bad news on StartSSL who were our supplier up until now.
The dehydrated bash script made everything pretty simple.
With combined IPv4/IPv6 firewalling, QOS management, IP list management, multiple-link balancing and network namespace builder, this is the package you are looking for!
New web site: FireHOL IP Lists Analytics
In this site you will find up to date information for IP lists tracking
Each IP list is analyzed and documented for its size over time, its country map, its retention policy and its overlaps with all other IP lists.
FireHOL 2.0.3 has been released.
This version allows FireQOS to interpret the output of
tc on more systems.
In addition, iptables errors and warnings on newer kernels relating to the use of
physout in bridges have been stopped.
FireHOL 2.0.2 and 3.0.0-rc.2 have been released.
For people who are differentiating ipv4 and ipv6 at the interface or router level these have an important fix. Without it, one ip version of your firewall will not accept RELATED traffic or log dropped packets.
People who only use
router to do both simultaneously are not affected, even if they differentiate individual helper and/or service rules. Those who produce an IPv4 or IPv6 only firewall will not be affected either.
FireHOL 3.0.0-rc.2 contains even more improvements including synproxy support and load-balacing NAT. Please help test it by checking that the output it generates for your current configuration is still correct and report any problems you find.
FireHOL 2.0.1 has been released. This version fixes a bug where a custom
iptables -I command is lost.
At the same time, FireHOL 3.0.0-rc.1 is now available. This version contains many improvements over the 2.x series including more features, faster operation and optimised output. See:
Please help test 3.0.0-rc.1 by checking that the output it generates for your current configuration is still correct and report any problems you find.
If you are upgrading from version 1.x, please see the upgrade notes.
FireHOL 2.0.0 has been released. This version includes full IPv6 support for firewalling and traffic shaping / QOS
If you are upgrading from an earlier version, please see the upgrade notes.
Just a few more problems found and fixed. Expect the final 2.0.0 really soon now.
This release marks the final stabilisation effort. Hopefully the next release of FireHOL / FireQOS will be a final 2.0.0 version with full IPv6 support.
With release v2.0.0-pre6, FireHOL adds combined IPv4/IPv6 configuration as standard.
See the upgrade notes when moving from an earlier version.
FireQOS is a Quality Of Service tool that will be added in the next release.
It has the same ease of use and simplicity of expression you get with FireHOL.
For a sneak preview, see the documentation on the FireHOL Wiki
FireHOL is moving to GitHub for development.
Website, mailing lists and so on have moved also.
Added support for NFLOG. FireHOL now syslogs all important actions.
Updated services amanda, ftp, pptp, tftp, h323, GRE, sip.
Added support for CONNMARK and CLASSIFY.
Fixed several issues.
Updated to parse the latest format of the IANA reservations page.
Added support for custom actions for services. This opens a way for allowing actions that can be controlled externally without restarting the firewall.
Fixed several minor issues (better NAT support for all services, handling for external pager command, kernel config parsing, config wizard, etc).