I found the following :
- netfilter.org is home to the software of the packet filtering framework.
- Firewall Builder (2.1.8 12/2006 C/Qt) : I tried it and liked it ! Classical firewall GUI, clear behavior and link to IPTables. I just wonder if it is possible to express all the potential of IPTables ? (like that : Mitigating against SSH brute force attacks using Netfilter or Using iptables to rate-limit incoming connections)
- Firestarter (1.0.3 01/2005) : I tried it, but didn’t like it. It seem easier from the GUI point of view, but you have no clue of how it works, where it writes its configuration and what is the link (if any) with IPTables. By the way, as I was having strange problems with Firewall Builder, I noticed that FireStarter install itself as a service, continue to run even if you doesn’t launch the GUI but doesn’t log in message : AVOID !
- Webmin Modules IPtables Configuration Webmin Module (niemueller.de 0.91.1 10/2005) and Turtle Firewall Project (1.37 02/2006)
- EasyChains (0.8.5 01/2004) : Easy-to-use gui for the console firewall tool. I didn’t tried it.
- FireHOL (R5 v1.226 01/2005), the iptables stateful packet filtering firewall builder.
- Jay’s Iptables Firewall (1.0.5 08/2005 Curses/Perl) : Curses could be nice with SSH. Have to try it !
- Guarddog (2.4 12/2004)
- Bifrost, (0.9.6 2002 NON FREE) Firewalling made easy
- The Bastille Hardening program “locks down” an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. A bit strong ?
- Shorewall (Shoreline Firewall) (3.2.8 01/2007) : a high-level tool for configuring Netfilter. It isn’t a GUI, but it is often recommended. Install as a service : I don’t understand why ?
- Easy Firewall Generator for IPTables (1.0.5 ?) : It is a web site generating your IPTables rules : Good idea
Which one should I choose ??
Bruno's blog 