PacketFlow Firewall Generator generates firewalls using XML.
New connections can flow from interfaces with high security levels to interfaces with low security levels. This approach results in much shorter rule sets despite having many interfaces. Besides, there is the ability to use access lists to override the default behavior of these security levels. The software comes with support for incoming, outgoing, and wildcard access lists. Wildcard access lists are useful when you wish to allow new connections to a particular service from any interface. Access lists only apply to new connections.
To use PacketFlow Firewall Generator effectively, it is essential to evaluate your firewall needs carefully. Once that is done, you can take a look at the sample configuration files located in the samples directory of the distribution. With any luck, one of these configurations will give you a place to start. Once you have a configuration built, generate the rules by running the software through the configuration file. As for the latest release, there are improvements on the software that will make it better for you.
This new version no longer uses the unclean match, which isn't available on kernel 2.6. Additionally, Debian packages have been updated to ensure compatibility with new releases, while the version number is now at 1.0. Overall, PacketFlow Firewall Generator is an excellent solution for dealing with firewall policy implementation on dedicated firewalls, and it might work well in other scenarios as well.
Version 1.0: N/A