Hello Netfilter users, NuFW 2.0 "extatic porcupine" is available. This is the first release of the new stable branch of the NuFW project (http://www.nufw.org). NuFW is an authenticating firewall based on Netfilter. NuFW can : - Authenticate any connection that goes through your gateway or only from/to a chosen subset or a specific protocol (iptables is used to select the connections to authenticate). - Perform accounting, routing and quality of service based on users and not simply on IPs. - Filter packets with criterium such as application and OS used by distant users. - Be the key of a secure and simple Single Sign On system. Main new Netfilter related features of 2.0 are : * Libnfnetlink based interaction with kernel: NuFW 2.0 is able to use libnetfilter_queue and libnetfilter_conntrack to handle interaction with kernel. * Complete period handling: ACLs can now be linked with a period. The match against the period is initially done by NuFW (as time match does) but connection is removed from conntrack automatically at the end of the period. Removal can be done via a libnetfilter_conntrack call at end of the period or directly (with a patched kernel) via connection timeout in the conntrack. The related patch (fixed_timeout) has been queued by Patrick McHardy for inclusion in 2.6.18. More information about new features of NuFW are available at: http://www.nufw.org/What-s-new-A-comparison-between.html Happy "user" filtering to all, -- Eric Leblond <eric@xxxxxx>
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
