Bug-fix release. Few bugs that affected support for "limit" and "timeout" options in compiler for PF were fixed; option "Clamp MSS to MTU" in compiler for iptables now generates rule that will match packets in states ESTABLISHED and RELATED; bug that affected printing long rulesets on Windows was also fixed.
Object-oriented GUI and set of compilers for various firewall platforms. Currently implemented compilers for iptables, ipfilter, OpenBSD pf, ipfw, Cisco PIX firewall and routers access lists.
Major update: Policy compilers for Cisco PIX (supports FWSM and ASA appliances) and IOS extended access lists have been released under GPL and included in the main package. Changes in the packaging: now we ship only two RPMs: one for the fwbuilder library (libfwbuilder-2.1.18.rpm) and the other for the GUI and all 6 policy compilers (fwbuilder-2.1.18.rpm)... read more
This is a bug-fix release. It improves stablility of the policy importer on 64-bit platforms, supports import of iptables policies that use TCPMSS target, fixes problems with built-in RCS on windows when user does not have administrator's rights and comes with nearly 100% Brazilian Portugese translation
This is another bugfix release. Several problems with policy installer running in batch mode have been fixed, also this release resolves compatibility issues with Windows Vista and Mac OS X Leopard. See full Release Notes here: http://www.fwbuilder.org/archives/cat_release_notes.html#000238
This is another bugfix release, it comes with numerous improvements in the iptables policy importer and fixes for gcc 4.2 and 4.3
This is bugfix release; its main focus is better support for new features available in PF in OpenBSD 4.1 and improvements in built-in policy installer
Major new features in this release include support for Cisco routers access lists and ability to import existing firewall policy. Currently policy importer can parse iptables configuration from a file created by iptables-save utility and Cisco router configuration saved using "show run" or similar command. Numerous bug filxes also come with this version. Ubuntu 7.04 .deb packages are included for the first time.
Another bug fix release. Built-in installer now properly detects errors that arise during activation of the iptables script. Support for --datestart and --datestop options of the "time" module, as well as full set of options for the "hashlimit" module were implemented in the policy compiler for iptables. It is now possible to generate rules to mark packets in the OUTPUT chain of the mangle table. Support for options "max-src-conn" and "max-src-states" has been improved in the compiler for PF. Support for IP option "lsrr" has been added in compiler for ipfilter.
This is a bugfix release. Built-in policy installer has been fixed and is now properly works with firewall configurations that consist of several files, specifically PF and ipfilter. Code compiles on systems where QT is built without STL support.
Several bugs have been fixed in the GUI and policy compiler for iptables. Compiler is more tolerant while processing Address Table object with empty address file or with a file with empty lines. Ability to emulate terminating behavior for rules with actions Classify and Tag and improved shadowing detection for these rules have been added in compiler for iptables.
New function to compare two data files and find conflicting objects has been added.... read more
This version comes with many new features in the GUI and policy compilers. The GUI is much faster now, new object types "Address Table", "DNS Name", "Tag", as well as new rule actions "Tag", "Queue", "Classify" and "Custom" have been added. The latest stable version is 2.1.8, we consider it ready for production use.
This is a quick bugfix release. Fix implemented in v2.0.11 for the bug that caused firewall script corruption if any rule comments where written in UTF-8 broke built-in installer on Windows and Mac OS X. This release implements more portable solution that works on all supported platforms. Bug numbers: #1455772 and #1468745
This is a bugfix release. Bug that caused firewall script to break during transfer to the firewall if any of the rule or object comments used non-english UTF-8 characters has been fixed. Generated firewall script will properly load iptables modules on 2.6 kernels. Code compiles with g++ 4.1.
This is a bugfix release. GUI crash in a situation when one of the resource files was missing has been fixed, code compiles and works on Solaris and few minor bugs have been fixed in the compiler for iptables.
This is mostly bugfix release, with a handful of new features. It comes with Spanish translation and support for Cisco FWSM.
This release offers bug fixes and few new features. Rule sets are now used to swap rules on ipfw firewalls. Backup ssh access can now be configured for subnets. Few bugs were fixed in built-in installer to make it work more reliably on FreeBSD and to improve its reliability for ipfw firewalls.
This release includes bug fixes and minor improvements in the GUI and policy compilers. Ability to search by IP address, tcp/udp port, icmp type or ip protocol number is now available in the GUI. Administrator can now specify additional command line parameters for ssh that built-in installer runs to access firewall, this way alternative ssh keys or port number can be used. Added support for dynamic interface addresses in ipfilter.
This is the first release to include support for printing of rulesets. It also comes with bugfixes and updated localization.
This is a bug fix release. Complete Russian and Japanese translations have been added. Code has been fixed in many places where text strings were not properly marked for localization. Many bugfixes in the GUI improve usability.
New policy activation methods using iptables-restore are now available for Linux/iptables firewalls. Iptables-restore provides for atomic policy load and allows to load large policy much faster. Atomic load means the whole filter or nat table is activated at once, and if there is an error, nothing is changed.
New installation method that allows to manage access lists on a PIX firewall through the IPSEC tunnel has also been implemented. ... read more
* This release improves support for the PF firewall by always using tables in policy rules; it also uses syntax " ! <tbl>" for negation, assignes "rdr" rules to interfaces and adds "flags S/SA" to policy rules that keep state.
* This release significantly improves optimizer for iptables and adds an automatically generated rule to block packets that correspond to an INVALID state... read more
This is a maintenance release. See Release Notes http://www.fwbuilder.org/archives/cat_release_notes.html for the list of bug fixes and improvements.
This release adds several service objects to the Standard Objects library, couple firewall object templates, fixes bugs reported over the last two weeks and adds support for timeout and limit options in pf.
The GUI has been rewritten from scratch and is now based on QT. New features: improvements in the GUI usability and speed; built-in version control system based on RCS; built-in installer that uploads and activates firewall policy using ssh; support for Linksys devices running Sveasoft firmware. See the full list on our web site at http://www.fwbuilder.org/
This is a bug fix release. The most important and visible fix is for a bug that caused the GUI to crash while saving data to the xml file if it was using libxml2 v2.6.4. In particular this bug broke FreeBSD port.
Another improvement in v1.1.2 is an addition of support for tables in OpenBSD pf. Tables have become available in PF in OpenBSD 3.4 and improve performance of the filter, as well as make policy shorter. ... read more
Firewall Builder v1.0.10 has been released. This version includes lots of bug fixes, adds support for ipfw firewall, comes with FreeBSD and OpenBSD ports, adds Fink package for Mac OS X and implementes many feature enhancements.