You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Go to file
Brie Bruns 423f6caff4
Add information for release
2 years ago
bin Add IPTABLESOPT 2 years ago
debian More debian package changes 9 years ago
doc Added initscript 9 years ago
etc Refactor NETMAP a bit so it allows more flexibility with src and dst. Requires that the custom field starts with the --to address. 3 years ago
lib no message 3 years ago
CHANGELOG Release 2.2.1 2 years ago
INSTALL Update information for release 2 years ago
LICENSE 9 years ago
Makefile 9 years ago
README Add information for release 2 years ago
release.json Add information for release 2 years ago


SRFirewall v2.2.1
Written by: Brielle Bruns <>

SRFirewall is a complete rewrite of Firewall/SOSDG v1.1, from scratch,
with a completely new and reorganized config and file layout.

Configuration Examples:

I've spent years manually configuring and building scripts for new
machines, usually single use.  The existing firewall scripts, like
ipkungfu, were great, but either lacked features, or lacked IPv6
support.  I'd have to spend days working around oddities and hacking in
support for new features.

It wasn't until around 2009 that I decided to stop the constant
'reinventing the wheel' and make a single package that suited my needs
well, and could be reused when needed.  The result was Firewall/SOSDG -
a firewall script, written completely in bash scripting, and could run
on most distros with the least amount of hassle.

Sure, it was rather clumsy, and I had to rework config files multiple
times to add support for new features - but, in the end, it was
something that I built to my needs.

Fast forward to v1.0.  The script had matured, was functional, but had
some major issues with design that just wouldn't work well in the long
term.  I put off any kind of redesign for a while, eventually quietly
releasing v1.1 to fix some minor bugs.  No further changes have been
done since, as I have no desire to keep maintaining that old code.

I was going to release a v2.0 of the script, reengineer the main config
system but keep the same general backend script.  After looking through
the code, I got frustrated and decided the time was right to start over.

Enter SRFirewall - a new name chosen because I wanted something new to
represent the work I would be putting into rebuilding the code.