5. Graphical and other Firewall Front Ends
In addition, many front ends exist which aim to make the configuration of
a good firewall with Netfilter/IPTables easier. Two of these are:
- FERM, a firewall
rule parser: ferm compiles ready to go firewall-rules from a
structured rule-setup...the possibility to provide a structured
description of a firewall...you can now write logically and coherent
rules using a C-style nesting structure, and let ferm create all rules
for you...ferm will also aid in modularizing firewalls...
- Firewall Builder is a GUI for
building firewalls. From the Linux Journal (Paranoid Penguin, Mick Bauer)
article on FB, LJ109: Firewall Builder is a good firewall GUI indeed.
It lets you define host, network and service objects that can be used
and reused in as many different firewall rulesets as you like; it
displays your rules in an instinctive and clear way; and because
it's intentionally OS-agnostic, you can use Firewall Builder to
generate rulesets not only for Netfilter/iptables, but also for
FreeBSD's ipfilter, OpenBSD's pf and even Cisco PIX firewalls.