Firewall Builder Release Notes


Version 1.0.5


GUI and compilers v1.0.5 require API library libfwbuilder version 0.10.9

Summary

This release delivers long-awaited support for virtual addresses on interfaces and other improvements, as well as fixes bugs discovered during the testing of the previous version.

For those who wish to build from source, instructions are outlined in the document "Requirements" on our web site here

What's new

Notes on virtual interfaces

Data files created in previous versions of Firewall Builder are automatically converted when loaded in fwbuilder GUI. All host and firewall objects get address objects added to their interfaces. Newly created address objects are named after their parent host or firewall objects; this seems to be a reasonable default since it makes it easier to distinguish address objects when they are used in firewall policy rules. On the other hand, you may need to rename address objects that belong to firewall interfaces since they all are going to have the same name (that of the firewall).

It may take some getting used to the new tree structure, especially if address objects have the same name as their host or firewall parent objects. I am going to add icons in the tree in the future versions.


What's new in policy compiler for iptables

What's new in all policy compilers

Firewall script generated by policy compiler calls command-line tools such as 'ip', 'iptables', 'logger', 'pfctl', 'ipf', 'ipnat' etc using their full directory path and a file name. The program can generate correct default paths for these programs on Debian, Mandrake, RedHat, SuSE, FreeBSD, OpenBSD, Solaris; GUI provides controls so that user can make changes if these tools are located in non-standard places.


Bugs fixed in libfwbuilder API:



Bugs fixed in GUI:



Bugs fixed in iptables policy compiler fwb_ipt:



Bugs fixed in ipfilter policy compiler fwb_ipf: