A new version of Vuurmuur is out: 0.7. This release mainly fixes bugs and build issues. Translations are generated and installed again, lots of traffic shaping fixes were made.
Support for pmtu MSS clamping was added, as was support for NAT source port randomization.
See http://www.vuurmuur.org/trac/wiki/Changelog for all changes.
Finally, after more than a year, a new stable release! This release
primarily adds support for traffic shaping to Vuurmuur. Read this short
guide on how to use it.
Get the release from ftp://ftp.vuurmuur.org/releases/0.6/
Debian and Ubuntu packages are available, including for the upcoming
Ubuntu Intrepid 8.10 and Debian Lenny and Sid. See these instructions
on how to use the apt archive.... read more
After the new site at http://www.vuurmuur.org/ I'm now pleased to
announce Vuurmuur version 0.5.73. This release both adds a number of new
features and fixes a lot of bugs. To start with the latter, many bugs in
the log and connection management were fixed. Also, Vuurmuur can handle
systems with nf_conntrack much better. There were lots of smaller fixes
all over the program.
In the new feature department there is support for NFQUEUE (which is
nice if you run Snort_inline), rule limits that are now optional for all
rules, and limits that can also be limited in minutes, hours or days.... read more
Since today there is a new homepage for Vuurmuur, which can be found at http://www.vuurmuur.org/ The new site is build on the Trac software and will replace both the static site at http://vuurmuur.sourceforge.net/ and the wiki http://wiki.vuurmuur.org/ The trackers hosted by SourceForge are also replaced by the Trac site.
Everyone is invited to help improve documentation on the new site!
Check out the site at http://www.vuurmuur.org/
Vuurmuur 0.5.72 is finally released! It has taken way longer than I originally planned, but I've had a very busy year. People wanting to help in the development are very welcome!
Like described in the alpha announcements the main focus of this release was the connection killing options in Vuurmuur_conf. It requires the conntrack tool to be installed. You can find the release at the sourceforge project page and on the ftp server ftp://ftp.vuurmuur.org/releases/0.5.72/... read more
Thanks to the hard work of Aleksandr Shubnik rpms for the i386 arch are now available for Fedora Core 5, OpenSuse 10.1 and Mandriva 2006.
Stefan Ubbink has created rpms for Fedora Core 5 for x86_64 and Phillipe Baumgart has created packages for Redhat Enterprise Linux 4.
All these packages, including source rpms can be found in the contrib directory on the Vuurmuur Ftp-server: ftp://ftp.vuurmuur.org/releases/0.5.71/contrib/... read more
Version 0.5.71 of Vuurmuur has been released. Most notable changes in this release:
a new action: DNAT. It works like the PORTFW, only it creates no filter rules. This makes it consistent with how SNAT works.
a new action called Bounce. Bounce solves the problem that it isn't it possible to access NATed services by the public IP address from LAN. Normally this should be solved on dns-level, but that is not always possible in every environment.
better anti-spoofing and bad-packets checks
large loading speedup for setups with many virtual interfaces.
Nicolas Dejardin contributed a build script for creating a Slackware package.... read more
Vuurmuur 0.5.70 has just been released. This release adds UTF-8 support for the interface, fixes logging on Ubuntu Breezy and improves the connection viewer so it now shows transferred data per connection. On the packaging side it adds Gentoo ebuilds and rpm spec files that now also support Fedora Core. Other than this manual pages were added, a Norwegian translation was added and there was a great number of other bugfixes, improvements and cleanups.... read more
Vuurmuur version 0.5.69 was just released. Biggest new feature is the addition an audit.log, which logs all changes to the configuration of Vuurmuur. See http://wiki.vuurmuur.org/tiki/tiki-index.php?page=Audit for details. A new translation was added: French. Thank you Nicolas Dejardin for your contribution!
Aleksandr Shubnik has created the first rpm packages. Only Suse 9.3 is supported at this time, but more will surely follow.... read more
Vuurmuur 0.5.68 was just released. This release adds a new way of installing through an autopackage (see www.autopackage.org). Vuurmuur_script showed up in 0.5.67 already, but in this release its finally fully usable. Other than that support for DHCP (both as server and as client) was added. Finally, packages for Ubuntu Hoary are supplied as well!
If you need support you can now also join the Vuurmuur irc channel: #vuurmuur at the irc.freenode.net network.
I'll probably be around in the channel most of the time. Feel free to contact us with questions, remarks, feature requests, bugs, etc.
Hugo Ribeiro has written a thesis about Vuurmuur. It is written in Brazillian Portuguese, so i hope someone will have the time to translate it!
The thesis can be found on the wiki machine:
Thank you Hugo for allowing me to publish it!
For those of you not running Debian, installing Vuurmuur meant using the source installer. Until now. By using the autopackage installing is very easy and fast.
Get the file from the wiki machine:
Installing is easy: just run the file like this: 'sh Vuurmuur-0.5.68.alpha6.x86.package'. See http://vuurmuur.twc-net.com/tiki/tiki-index.php?page=Installation for details.... read more
A new version of Vuurmuur is released.
This release features:
- fixed a bug that prevented the nat and mangle table to be cleaned properly.
- a German translation was added, provided by Holger Ohmacht.
- before upgrading a backup of the current config is now made. Written by Adi Kriegisch.
- added the possibility to limit per second how often a rule can be matched.
- various bugfixes and GUI improvements.... read more
I'm happy to present you a wiki site dedicated to Vuurmuur at http://vuurmuur.twc-net.com/tiki/
For the latest docs please visit the wiki, and for those of you
interested in writing docs with us please register and start writing!
The wiki is very generously hosted by Rob de Wit. Thank you Rob!
Right after the release of version 0.5.65 bugs were found in the install script, the debian package and in the program itself. So here is 0.5.66 which should fix all problems.
Please report problems to the mailinglist, the forums or directly to me.
After much feedback and ideas from people on the list and off the mailinglist finally a new release. Highlights of this release are:
- transparent proxy support
- support for custom userdefined chains
- improved filtering in the logviewer
- added filtering to the connection viewer
- snat rules can select an outgoing interface now
- horizontal separators (with comments) in the rules screen
- Brazilian Portuguese translation was contributed by Hugo Ribeiro
- lots of bugfixes... read more
The Quick Setup Guide released only about a week ago is already
translated to Brazillian Portuguese by Hugo Ribeiro. Thank you Hugo! I hear
he is also working on translating the program itself, so stay
A new version of Vuurmuur was just released. This release brings a lot of bugfixes, adds a special zone 'any' and adds a Russian translation made by Aleksandr Shubnik.
Download the this release from the Files section. Also there is the first version of a Quick Setup Guide written mostly by Philippe Baumgart.
As usual, please report bugs, feature request and comments to the mailinglist or directly to me.... read more
I'm happy to announce a new version of Vuurmuur. Biggest improvement in this release is support for internationalisation in the GUI. A Dutch translation is provided. I would like to welcome anyone who wants to translate Vuurmuur into their own language!
Other improvements include the possibility to edit a portrange instead of only removing and adding it, a more robust vuurmuur_log, a fix to the MASQ action and the ability to mark traffic.... read more
Yesterday Vuurmuur version 0.5.62 was released. Most notable additions are the
possibility to rename all objects, such as hosts or services and support in
the GUI for monitoring the bandwidth usage.
In Vuurmuur_conf in the rules section '+' and '-' can now be use to move a
rule down and up.
Added an option to copy (duplicate) the current rule in the rulessection.
Fixed an obscure bug when forwarding a service with the broadcast option set
to a group.
If Vuurmuur cannot determine all caps, ip_queue is now still checked.
Added a network reference counter to the interfaces. It must be 0 before an
interface can be removed.
Added -m tcp, -m udp or -m icmp to rules so iptables-restore should now work
on Debian Woody.
Zones, networks, groups, hosts, interfaces and services can be renamed.
Fixed the status section not being displayed on a small screen with too many
The interfaces section can now handle more interfaces that will fit on the
The bandwidth usage can now be viewed in Vuurmuur_conf.
Vuurmuur now uses -D for daemon-mode instead of -l (-l can still be used
Performance of the rulessection when using a filter was much improved.
Fixed compilation warnings on Mandrake 10.1.
When a ruleset failes to load the tempfile is no longer removed, so it can be
I'm proud to release version 0.5.61 of Vuurmuur. New features are: support for
Portscan Attack Detector (PSAD) 1.4.0 and support for IP Traffic Volume
(http://iptrafficvolume.sourceforge.net/) for basic traffic accounting.
This release is now tested on Mandrake 10.1 and SUSE Linux 9.1 Personal.
Mandrake users should refer to INSTALL.MANDRAKE in the source package for
installation instructions, SUSE users to INSTALL.SUSE. ... read more
Version 0.5.58 was just released. It is a bugfix release for a bug introduced in 0.5.57, which made bash-mode unusable. In 0.5.57 there were big changes. Iptables-restore can now be used to create the rules, which means much faster ruleloading. Also, Vuurmuur can now check the iptables-capabilities of the system.
Get the source-installer or the Debian packages from the Files-section.
Vuurmuur version 0.5.56 was just released. It includes (experimental) support for IPSEC pass trough. It should also help for people with multiple public ipaddresses and multiple servers behind the firewall.
The website is also updated, it was much improved by Michiel Bodewes. Thanx Michiel!
Vuurmuur 0.5.48 was just released. Most important new feature is better support for Snort_inline. The macaddress is now logged and a few bugs were fixed.
Also Debian packages were added. You find them in the files section.