ferm - for Easy Rule Making

Introduction

ferm is a tool for maintaining complex firewalls without the trouble of rewriting the complex rules over and over again. ferm allows the entire firewall rule set to be stored in a separate file and loaded with one command. The firewall configuration resembles a structured programming language, which can contain levels and lists.

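chain INPUT {
    # default policy: drop anything not accepted below
    policy DROP;
    # accept packets belonging to established or related connections
    mod state  state (RELATED ESTABLISHED)  ACCEPT;
    # accept TCP traffic to the HTTP, FTP and SSH ports
    proto tcp  dport (http ftp ssh)  ACCEPT;
}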

ferm 1.3

The latest version is: 1.3.4.

Major Changes since version 1.2

Packages

Debian and Gentoo have official ferm packages.

Pahan-Hubbitus created (unofficial) RPM packages for Fedora in his YUM repository. There is a ferm subdirectory.

#ferm

For support or discussion on ferm, join the channel #ferm on freenode.

Documentation

Read the ferm manual online.

To get a quick overview, you may find the examples useful:

Development

The ferm sources are managed in a Subversion repository. To get the current stable branch (1.3.x), enter:

svn co http://svn.foo-projects.org/svn/ferm/branches/ferm-1.3.x

ferm 2.x

In the trunk, ferm version 2.0 is being developed. It features arptables and ebtables support.

svn co http://svn.foo-projects.org/svn/ferm/trunk/ ferm

Copyright

ferm is © Max Kellermann, Auke Kok <sofar at foo-projects.org>

Licensed under the GPLv2.