FireHOL, an iptables stateful packet filtering firewall for humans!
FireQOS, a TC based bandwidth shaper for humans!
These instructions are for people who are working with the git repository. There are more general instructions starting with Upgrade Notes.
The github firehol repository page lists URLs which can be used to clone the repository.
After cloning you should copy the git hooks, for style checking and more:
cp hooks/* .git/hooks
You need GNU autoconf and GNU automake to be able to run:
./autogen.sh
./configure --enable-maintainer-mode
make
make install
If you don't want to have to install pandoc you can instead choose to build without documentation or manpages:
./autogen.sh
./configure --disable-doc --disable-man
make
make install
Re-run autogen.sh
whenever you change configure.ac
or a Makefile.am
You can run the sbin/*.in
scripts in-situ but they will produce internal
git versions e.g. FireQOS $Id: def55bbc9c2a78aef580e88ad6d3f9ba689a6004 $
.
The "compiled" scripts must be installed, along with their function libraries in order to work correctly.
From version 2.0.0-pre6, FireHOL adds combined IPv4/IPv6 support within a single configuration.
If you are upgrading FireHOL from a version earlier than 2.0.0-pre6, please read the upgrade notes.
If you are installing the package from a tar-files release, FireHOL uses the GNU Autotools so you can just do:
./configure
make
make install
Since all components will go under /usr/local
, you may prefer something
like this:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
make
make install
You can get help on the options available (including disabling unwanted components) by running:
./configure --help
From version 3.0.0 it is no longer recommended to install firehol by copying files, since a function library is now used, in addition to the scripts.
Configuration for FireHOL goes in /etc/firehol/firehol.conf
Configuration for FireQOS goes in /etc/firehol/fireqos.conf
In the examples directory, you can find examples for both programs.
To start the programs:
firehol start
fireqos start
For more details on the command-line options, see the man-pages:
man firehol
man fireqos
Read the tutorials on the website for more information and to learn how to configure the programs.
For detailed information on the configuration files, read the manual online, or start with these the man-pages:
man firehol.conf
man fireqos.conf
You may want to ensure that FireHOL and FireQOS run at boot-time. If you installed from an distribution package this will be configured in the usual way.
For a tar-file installation, the binaries can often be linked directly
into /etc/init.d
, since their options are SysVInit compatible. Some
example systemd service files can be found in the contrib folder.
The main website is http://firehol.org/.
To ask questions please sign up to the mailing list
Man pages, PDF and HTML documentation are provided as part of the package
and can be found in the tarball or in your distribution's standard locations
(e.g. /usr/share/doc
). The latest manual
is also online.
The site has a list of all services supported by FireHOL "out of the box" as well as information on adding new services.
Copyright (C) 2012-2015 Phil Whineray <phil@firehol.org>
Copyright (C) 2003-2015 Costa Tsaousis <costa@tsaousis.gr>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA