Linux Firewall


The Linux Firewall is a powerful firewall based on netfilter/iptables designed for Linux workstations, routers, and servers.


Latest stable release: Latest stable release with installer: Latest prerelease version: Older releases:

  • Install - Basic installation instructions and system requirements for rc.firewall.
  • GUI Installer - Documentation for text menu based firewall installation program.   <-- Easiest for new users.
  • Config - Explanation of configuration directives.
  • Advanced - Discussion of advanced features, firewall behavior, and command line arguments.
  • Changelog - Complete changelog.

  • Discussion Forum - Submit comments, suggestions, and bugreports here.

  • Port Security for Newbies - Read this essay before submitting a bugreport that begins with:
                  "help!!! website 'X' told me my computer is insecure!!!"
  • Using the Firewall in an ISP Application - An essay on the history, and current applications of the firewall in professional networks.
  • - Script to patch kernel source; required to enable TTL stealth router mode.

  • Freshmeat - Subscribe to new releases, review dependencies, and vote for us if you like the project.


  • 2.0rc10 prerelease 1 is now posted. See below for changes.
  • Non-English language users who have experienced problems with the current release are encouraged to try this version. Note that the fix implemented relies on the existence of either /usr/share/locale/en_US/LC_MESSAGES/ or /usr/share/locale/en/LC_MESSAGES/


  • LANG variable is now used to display 'ifconfig' output in the English language.
  • Firewall now shows the public address in the exit message when FIREWALL_IP is enabled.
  • Improved error messages for STATIC_INSIDE_OUTSIDE.
  • Updated instances of deprecated coreutils syntax, e.g. "head -#" was changed to "head -n #".
  • Firewall now issues a warning when trying to overwrite a configuration file with 'save' instead of 'update'.

To Do

  • ...VPN support...
  • Consider updating progress dot placement in the script to more closely coincide with progress as a function of time. (cosmetic)
  • Consider additional comment section to explain advanced features in rc.firewall. (input welcome)

Questions, Problems, Flames, Troubleshooting, & Bug Reports
  • Project author/maintainer, Scott Bartlett: or for VT,

 [ Viewable with any browser ]  [ Valid HTML 4.01 ]  [ Written in vi ]