FireHOL

http://firehol.org/

FireHOL, an iptables stateful packet filtering firewall for humans!
FireQOS, a TC based bandwidth shaper for humans!

Git

These instructions are for people who are working with the git repository. There are more general instructions starting with Upgrade Notes.

Cloning Git Repository

The github firehol repository page lists URLs which can be used to clone the repository.

After cloning you should copy the git hooks, for style checking and more:

cp hooks/* .git/hooks

Building Git Repository

You need GNU autoconf and GNU automake to be able to run:

./autogen.sh
./configure --enable-maintainer-mode
make
make install

If you don't want to have to install pandoc you can instead choose to build without documentation or manpages:

./autogen.sh
./configure --disable-doc --disable-man
make
make install

Re-run autogen.sh whenever you change configure.ac or a Makefile.am

You can run the sbin/* scripts in-situ provided you have done the configure and make steps.

Upgrade Notes

From version 2.0.0-pre6, FireHOL adds combined IPv4/IPv6 support within a single configuration.

If you are upgrading FireHOL from a version earlier than 2.0.0-pre6, please read the upgrade notes.

Installation

If you are installing the package from a tar-files release, FireHOL uses the GNU Autotools so you can just do:

./configure
make
make install

To not have files appear under /usr/local, try something like:

./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
make
make install

If your O/S does not usually have a /usr/libexec, you may want to add --libexecdir=/usr/lib to the configure.

You can get help on the options available (including disabling unwanted components) by running:

./configure --help

From version 3.0.0 it is no longer recommended to install firehol by copying files, since a function library is now used, in addition to the scripts.

Getting Started

Configuration for FireHOL goes in /etc/firehol/firehol.conf Configuration for FireQOS goes in /etc/firehol/fireqos.conf

In the examples directory, you can find examples for both programs.

To start the programs:

firehol start
fireqos start

For more details on the command-line options, see the man-pages:

man firehol
man fireqos

Read the tutorials on the website for more information and to learn how to configure the programs.

For detailed information on the configuration files, read the manual online, or start with these the man-pages:

man firehol.conf
man fireqos.conf

You may want to ensure that FireHOL and FireQOS run at boot-time. If you installed from an distribution package this will be configured in the usual way.

For a tar-file installation, the binaries can often be linked directly into /etc/init.d, since their options are SysVInit compatible. Some example systemd service files can be found in the contrib folder.

Support and documentation

The main website is http://firehol.org/.

To ask questions please sign up to the mailing list

Man pages, PDF and HTML documentation are provided as part of the package and can be found in the tarball or in your distribution's standard locations (e.g. /usr/share/doc). The latest manual is also online.

The site has a list of all services supported by FireHOL "out of the box" as well as information on adding new services.

License

Copyright (C) 2012-2017 Phil Whineray <[email protected]>
Copyright (C) 2002-2017 Costa Tsaousis <[email protected]>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA