Dirwall is a compact firewall script that segregates iptables rules from the actual script.
The Dirwall rules are usually located in "/etc/dirwall/{ACCEPT,FORWARD,MASQ,NAT,NOLOG,REJECT}/*". This layout gives users the flexibility to store rules in various places as desired. A file can also hold multiple rules, separated by whitespace.
Comments starting with a '#' are allowed anywhere in the rule files, so users can add notes for future reference. However, rule file names are reserved for the package of the same name. For instance, the "ssh" package has the right to manage the "/etc/dirwall/ACCEPT/ssh" rule file.
Local rule files should be named with the prefix "local-" so that they don't conflict with other rule files. This keeps the system operational and efficient.
This recent release comes with new features that include REJECT target support, nat table flushing, and setting of default nat table policies. Additionally, the default filter policy config files were renamed to support nat policies, and there’s improved documentation to enable users to make the most of Dirwall's capabilities.
Overall, Dirwall is a powerful software that streamlines the creation and maintenance of iptables rules. It's well-documented and easy to use, making it a popular choice among users who value efficiency and customizability.
Version 0.11: N/A