Drawbridge is a firewall software catered for academic institutions, developed by Texas A&M University.
One of the key strengths of Drawbridge lies in its ability to perform high-speed packet filtering. This feature, combined with its ability to accommodate a large number of individual host configurations within an intranetwork, earns Drawbridge high marks for its versatility and flexibility.
This firewall package employs a constant-time table lookup algorithm that enables it to deliver consistent packet throughput rates, even when faced with multiple filters. Drawbridge consists of three main components: the Drawbridge filter code, the Drawbridge Manager, and the Drawbridge Filter Compiler, all of which run on a FreeBSD system.
To install Drawbridge, follow these automatic installation instructions:
1. Create a "manager" account that is a member of group wheel.
Username: manager
Groups: manager, wheel
2. Run the install script. The package will be installed by default in the /usr/local/drawbridge directory, with binaries located in /usr/local/drawbridge/bin and /usr/local/drawbridge/sbin.
3. Documentations can be found in /usr/local/drawbridge/doc and rulesets in /usr/local/drawbridge/rules. The startup script is located in /usr/local/etc/rc.d.
4. Modify the "Interface IDs" section of the /usr/local/etc/rc.d/drawbridge.sh script to reflect the correct names of the interfaces for your particular hardware. Make sure to define the inside and outside interface names. The mirror interface is optional (mirror="").
In addition, remember to add /usr/local/drawbridge/sbin and /usr/local/drawbridge/bin to the default path for the manager account. With its high-speed packet filtering capabilities and customizable configurations, Drawbridge is an excellent choice for any large academic environment looking for dependable firewall protection.
Version 4.0: N/A