Introduction

Firestarter is a GTK+/GNOME front end to the various firewalling subsystems available in the Linux kernel, for example Netfilter. It's aim is to provide a functional, secure yet easy to use front end for for modern advanced firewalling technologies to the GNOME desktop.

This document describes version 0.9 and later of Firestarter. It should be considered as a work in progress.

Firewalls in a Nutshell

Firewalls have typically been dedicated gateway machines servicing Internet network connections. One of the most basic of firewall functions is therefore to protect and hide a cluster of computers from cracking attempts from the Internet. Firestarter can be installed on a locked-down gateway machine in order to provide firewall functions for a LAN segment, or it can be installed on individual Linux workstations and server machines.

Firestarter Features

• User friendly and polished graphical interface optimized for GNOME 2
• Wizard and helpers guaranteed to be useful to both beginners and experts alike
• Uses global GNOME themes and settings
• Translations available for many languages (25 languages as of July 2002)

• Supports both internal and user-defined rulesets
• Built-in filtering of known trojan and trouble ports
• Support for Individual services configuration
• Support for tuning ICMP parameters to stop Denial of Service (DoS) attacks
• Support for tuning ToS parameters to improve services for connected client computers
• Support for NAT and port forwarding functions.

• Supports glibc's Sysctl tuning to protect the firewall from flooding, broadcasting & spoofing
• Supports Linux Kernels 2.4 and 2.6

And more!