> On 16 Jan 2022, at 19:41, onefang <onefang_dev...@sledjhamr.org> wrote:
> 
> On 2022-01-16 17:23:29, wirelessduck--- via Dng wrote:
>> 
>> 
>>>> On 16 Jan 2022, at 12:54, Bob Proulx via Dng <dng@lists.dyne.org> wrote:
>>> 
>>>> Any suggestions?
>>> 
>>> I am not really happy with any of the programs I have looked at
>>> either.
>>> 
>>> Ubuntu really pushes ufw but it feels too complicated to me.  (Joking
>>> because it is supposed to be the Uncomplicated Firewall.)  But I don't
>>> like that one shapes ufw in bits and pieces like crafting clay on a
>>> pottery table.  I would much rather have a file with the rules (or at
>>> least most of them) in one place that then could get version
>>> controlled and copied around.  ufw does maintain files behind the
>>> scenes though so perhaps one could hack at those files directly and
>>> avoid the command line interface.
>>> 
>>> Bob
>> 
>> Have you tried firehol? It uses configuration files to set firewall rules 
>> for both inbound and outbound connections.
>> 
>> https://firehol.org/
> 
> firehol doesn't support nftables.  Yet, looks like they've been thinking
> about it for years.

Ahh thanks. I just read the bug report and looks like it might not happen 
anytime soon.

https://github.com/firehol/firehol/issues/48

I looked at ferm but that appears to be similar and won’t be updated to support 
nftables. There was a bug filed to netfilter for some usability improvements 
that might be useful if switching to plain nftables configuration files.

https://bugzilla.netfilter.org/show_bug.cgi?id=1434

I also found APF which might be a good alternative frontend.

https://www.rfxn.com/projects/advanced-policy-firewall/
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
