Latest News

Nov 22, 2016 - FireHOL v3.0.2 Released

This is a bugfix release, opening the way for bigger changes in 3.1.x.

Oct 05, 2016 - Let's Encrypt

Website SSL certificates are now from Let's Encrypt.

There's some fairly bad news on StartSSL who were our supplier up until now.

The dehydrated bash script made everything pretty simple.

Dec 20, 2015 - FireHOL v3 Released

With combined IPv4/IPv6 firewalling, QOS management, IP list management, multiple-link balancing and network namespace builder, this is the package you are looking for!

Aug 19, 2015 - FireHOL IP Lists Analytics

New web site: FireHOL IP Lists Analytics

In this site you will find up to date information for IP lists tracking

  • attacks
  • abuse
  • malware
  • anonymizers

Each IP list is analyzed and documented for its size over time, its country map, its retention policy and its overlaps with all other IP lists.

Apr 26, 2015 - FireHOL 2.0.3

FireHOL 2.0.3 has been released.

This version allows FireQOS to interpret the output of tc on more systems.

In addition, iptables errors and warnings on newer kernels relating to the use of physin and physout in bridges have been stopped.

Mar 14, 2015 - FireHOL 2.0.2 and 3.0.0-rc.2

FireHOL 2.0.2 and 3.0.0-rc.2 have been released.

For people who are differentiating ipv4 and ipv6 at the interface or router level these have an important fix. Without it, one ip version of your firewall will not accept RELATED traffic or log dropped packets.

People who only use interface and router to do both simultaneously are not affected, even if they differentiate individual helper and/or service rules. Those who produce an IPv4 or IPv6 only firewall will not be affected either.

FireHOL 3.0.0-rc.2 contains even more improvements including synproxy support and load-balacing NAT. Please help test it by checking that the output it generates for your current configuration is still correct and report any problems you find.

Feb 15, 2015 - FireHOL 2.0.1 and 3.0.0-rc.1

FireHOL 2.0.1 has been released. This version fixes a bug where a custom iptables -I command is lost.

At the same time, FireHOL 3.0.0-rc.1 is now available. This version contains many improvements over the 2.x series including more features, faster operation and optimised output. See:

  • This post for some details on recent changes.
  • The traps and knocks Wiki page for simple IDS and knocking configurations without daemons
  • The marks Wiki page for information on the new handling of marks. FireHOL now allows you to define multiple mark ranges with different behaviours and will take care of the details of making them work with the single kernel mark.

Please help test 3.0.0-rc.1 by checking that the output it generates for your current configuration is still correct and report any problems you find.

If you are upgrading from version 1.x, please see the upgrade notes.

Oct 24, 2014 - FireHOL 2.0.0 final released

FireHOL 2.0.0 has been released. This version includes full IPv6 support for firewalling and traffic shaping / QOS

If you are upgrading from an earlier version, please see the upgrade notes.

Oct 19, 2014 - FireHOL 2.0.0-rc.3 released

Just a few more problems found and fixed. Expect the final 2.0.0 really soon now.

Aug 02, 2014 - FireHOL 2.0.0-rc.1 released

This release marks the final stabilisation effort. Hopefully the next release of FireHOL / FireQOS will be a final 2.0.0 version with full IPv6 support.

Feb 15, 2014 - Combined IPv4/IPv6 operation

With release v2.0.0-pre6, FireHOL adds combined IPv4/IPv6 configuration as standard.

See the upgrade notes when moving from an earlier version.

Oct 18, 2013 - FireQOS on the way

FireQOS is a Quality Of Service tool that will be added in the next release.

It has the same ease of use and simplicity of expression you get with FireHOL.

For a sneak preview, see the documentation on the FireHOL Wiki

Oct 13, 2013 - FireHOL transitioning to a new home

FireHOL is moving to GitHub for development.

Website, mailing lists and so on have moved also.

Jan 07, 2013 - FireHOL R5 v1.296 released

Added support for NFLOG. FireHOL now syslogs all important actions.

Updated services amanda, ftp, pptp, tftp, h323, GRE, sip.

Added support for CONNMARK and CLASSIFY.

Fixed several issues.

Jul 31, 2008 - FireHOL R5 v1.273 released

Updated to parse the latest format of the IANA reservations page.

Added support for custom actions for services. This opens a way for allowing actions that can be controlled externally without restarting the firewall.

Fixed several minor issues (better NAT support for all services, handling for external pager command, kernel config parsing, config wizard, etc).