making sense of firewalling

Project information

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful as well as easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls.

Sanewall can be used for almost any Linux firewall need, including:

Development versions and the daily snapshots support IPv6. Please ensure you read the README before using a one of these versions.

Sanewall abstracts the differences between IPv4 and IPv6 firewalls, allowing you to define a single configuration for everything. You can apply individual rules to IPv4, IPv6 or both as your needs dictate.

Sanewall is a fork of FireHOL. The configuration language is identical, just see this FAQ for some variable name changes. For now the FireHOL website is still the best source of introductory information.

Sanewall is released under the GPLv2+ open source licence.