Ubuntu
apf-firewall package

apf-firewall 9.7+rev1-5 source package in Ubuntu

Changelog

apf-firewall (9.7+rev1-5) unstable; urgency=medium

  * QA upload
  * Add missing build targets

 -- Christoph Biedl <email address hidden>  Fri, 23 Dec 2016 23:07:23 +0100

Upload details

Uploaded by:
Debian QA Group
Uploaded to:
Sid
Original maintainer:
Debian QA Group
Architectures:
all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Zesty: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
apf-firewall_9.7+rev1-5.dsc 1.7 KiB 32e498368a58880af38235c48f5dfc7b584cde25c5efe56967a7442c1b860238
apf-firewall_9.7+rev1.orig.tar.gz 103.7 KiB 9a1d3b87f73122b348d0c40a528a153e465c328b41bd3858ae3237b978346ba0
apf-firewall_9.7+rev1-5.diff.gz 11.9 KiB 6e94d73d120261c2c5d035b13a25a6cb7426f944730b6c91d9643ef0c0f8ca3a

Available diffs

No changes file available.

Binary packages built by this source

apf-firewall: easy iptables based firewall system

 Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall
 system designed around the essential needs of today's Internet deployed
 servers and the unique needs of custom deployed Linux installations. The
 configuration of APF is designed to be very informative and present the
 user with an easy to follow process, from top to bottom of the
 configuration file. The management of APF on a day-to-day basis is
 conducted from the command line with the 'apf' command, which includes
 detailed usage information and all the features one would expect from a
 current and forward thinking firewall solution.
 .
 Summary of features:
   * detailed and well commented configuration file
   * granular inbound and outbound network filtering
   * user id based outbound network filtering
   * application based network filtering
   * trust based rule files with an optional advanced syntax
   * global trust system where rules can be downloaded from a central
     management server
   * reactive address blocking (RAB), next generation in-line intrusion
     prevention
   * debug mode provided for testing new features and configuration setups
   * fast load feature that allows for 1000+ rules to load in under 1 second
   * inbound and outbound network interfaces can be independently configured
   * global tcp/udp port & icmp type filtering with multiple methods of
     executing filters (drop, reject, prohibit)
   * configurable policies for each ip on the system with convenience variables
     to import settings
   * packet flow rate limiting that prevents abuse on the most widely abused
     protocol, icmp
   * prerouting and postrouting rules for optimal network performance
   * dshield.org block list support to ban networks exhibiting suspicious
     activity
   * spamhaus Don't Route Or Peer List support to ban known "hijacked zombie"
     IP blocks
   * any number of additional interfaces may be configured as firewalled
     (untrusted) or trusted (not firewalled)
   * additional firewalled interfaces can have there own unique firewall
     policies applied
   * intelligent route verification to prevent embarrassing configuration
     errors
   * advanced packet sanity checks to make sure traffic coming and going meets
     the strictest of standards
   * filter attacks such as fragmented UDP, port zero floods, stuffed routing,
     arp poisoning and more
   * configurable type of service options to dictate the priority of different
     types of network traffic
   * intelligent default settings to meet every day server setups
   * dynamic configuration of your servers local DNS revolvers into the firewall
   * optional filtering of common p2p applications
   * optional filtering of private & reserved IP address space