ferm is a tool for maintaining complex firewalls without the trouble of rewriting the complex rules over and over again. ferm allows the entire firewall rule set to be stored in a separate file and loaded with one command. The firewall configuration resembles a structured programming language, which can contain levels and lists.
chain INPUT {
    policy DROP;
    mod state state (RELATED ESTABLISHED) ACCEPT;
    proto tcp dport (http ftp ssh) ACCEPT;
}
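A fuller rule set showing the levels and lists mentioned above, as an added example that is not taken from the ferm project: a default-drop INPUT chain with a nested block for TCP and a variable holding a list. The variable name $ADMIN_NETS and the addresses (documentation ranges) are constructed for illustration.

```ferm
# Constructed sample values: networks allowed to reach ssh
@def $ADMIN_NETS = (192.0.2.0/24 198.51.100.7);

table filter {
    chain INPUT {
        # anything not explicitly accepted below is dropped
        policy DROP;

        # connection tracking
        mod state state INVALID DROP;
        mod state state (ESTABLISHED RELATED) ACCEPT;

        # allow local connections
        interface lo ACCEPT;

        # respond to ping
        proto icmp icmp-type echo-request ACCEPT;

        # nested level: every rule in this block inherits "proto tcp"
        proto tcp {
            # list: one rule is generated per port
            dport (http https) ACCEPT;

            # ssh only from the administrative networks
            dport ssh saddr $ADMIN_NETS ACCEPT;
        }
    }

    chain OUTPUT policy ACCEPT;
    chain FORWARD policy DROP;
}
```

Running ferm with --noexec --lines on the file prints the generated iptables commands without applying them, which lets you review the expansion before loading it.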
The latest version is: 2.7.
Debian, Gentoo, Arch and Fedora have official ferm packages.
To get a quick overview, you may find the examples useful:
The ferm sources are managed in a git repository. To clone the repository, type:
git clone https://github.com/MaxKellermann/ferm
Send pull requests via GitHub.
For support or discussion on ferm, you have two choices:
ferm is © Max Kellermann, Auke Kok <sofar at foo-projects.org>
Licensed under the GPLv2.