ferm - for Easy Rule Making

Introduction

ferm is a tool to maintain complex firewalls without the trouble of rewriting the complex rules over and over again. ferm allows the entire firewall rule set to be stored in a separate file and loaded with one command. The firewall configuration resembles a structured programming language, which can contain levels and lists.

chain INPUT {
    policy DROP;
    mod state  state (RELATED ESTABLISHED)  ACCEPT;
    proto tcp  dport (http ftp ssh)  ACCEPT;
}

ferm 2.7

The latest version is: 2.7.

Changelog

Packages

Debian, Gentoo, Arch and Fedora have official ferm packages.

Documentation

Read the ferm manual online.

To get a quick overview, you may find the examples useful:

Development

The ferm sources are managed in a git repository. To clone the repository, type:

git clone https://github.com/MaxKellermann/ferm

Send pull requests via GitHub.

Contact

For support or discussion on ferm, you have two choices:

Copyright

ferm is © Max Kellermann, Auke Kok <sofar at foo-projects.org>

Licensed under the GPLv2.