[ubuntu-hardened] ubuntu firewall

Jamie Strandboge jamie at ubuntu.com
Wed Jan 2 14:08:25 GMT 2008

On Sat, 22 Dec 2007, Christer Edwards wrote:

> There was also a spec on this at UDS.  Was anyone on this list at that
> spec too?  Any progress since?  (I was, but I haven't followed
> progress since). - https://wiki.ubuntu.com/UbuntuFirewall
Yes, progress is moving forward. As those who attended the UDS meeting
may recall, the spec morphed into a host-based firewall solution, at
least for Hardy. The above page now has a link to the current code.
Please keep in mind that the code is a work in progress and has not even
been packaged yet.

The code currently is a frontend to iptables-restore. The design is such
that it will support different backends. Once Ubuntu and Debian have
decided on a particular firewall solution, a backend will be written for
it. Software currently being looked at for backends are shorewall, a new
PF-based backend or suse's yast2 script.

The goal for Hardy is to get a viable solution for simple host-based
systems, then add a more complete solution in a non-LTS release.


Email: jamie at ubuntu.com
IRC:   jdstrand

More information about the ubuntu-hardened mailing list