KMyFirewall – iptables based firewall configuration tool
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
Go to file
Timothy Pearson dc97c53fce
Revert "Rename a number of old tq methods that are no longer tq specific"
13 years ago
KMFIPTInterface Revert "Rename a number of old tq methods that are no longer tq specific" 13 years ago
KMFSysTray Revert "Rename a number of old tq methods that are no longer tq specific" 13 years ago
admin@8dda14c151 Reset submodule main/applications/kmyfirewall/admin to latest HEAD 13 years ago
cmake@42b03b0965 Reset submodule main/applications/kmyfirewall/cmake to latest HEAD 13 years ago
doc Additional renaming of kde to tde 13 years ago
kmyfirewall Revert "Rename a number of old tq methods that are no longer tq specific" 13 years ago
pics Additional renaming of kde to tde 13 years ago
templates Added old abandoned KDE3 version of kmyfirewall 15 years ago
.gitmodules Added common directories 13 years ago
AUTHORS Added old abandoned KDE3 version of kmyfirewall 15 years ago
COPYING Added old abandoned KDE3 version of kmyfirewall 15 years ago
COPYING-DOCS Added old abandoned KDE3 version of kmyfirewall 15 years ago
ChangeLog Additional kde to tde renaming 13 years ago
INSTALL Added old abandoned KDE3 version of kmyfirewall 15 years ago
Makefile.am Added old abandoned KDE3 version of kmyfirewall 15 years ago
README Added old abandoned KDE3 version of kmyfirewall 15 years ago
TODO Added old abandoned KDE3 version of kmyfirewall 15 years ago
acinclude.m4 Rename KDEHOME and KDEDIR 13 years ago
aclocal.m4 Added old abandoned KDE3 version of kmyfirewall 15 years ago
check_svn_build.sh Convert remaining references to kde3 (e.g. in paths) to trinity 13 years ago
config.guess Added old abandoned KDE3 version of kmyfirewall 15 years ago
config.h.in Added old abandoned KDE3 version of kmyfirewall 15 years ago
config.log Rename additional instances of KDE to TDE 13 years ago
config.sub Added old abandoned KDE3 version of kmyfirewall 15 years ago
configure.files Added old abandoned KDE3 version of kmyfirewall 15 years ago
configure.in Rename KDEHOME and KDEDIR 13 years ago
configure.in.in Additional renaming of kde to tde 13 years ago
debian_woody_configure Convert remaining references to kde3 (e.g. in paths) to trinity 13 years ago
fedora_configuration Convert remaining references to kde3 (e.g. in paths) to trinity 13 years ago
kmyfirewall.lsm Added old abandoned KDE3 version of kmyfirewall 15 years ago
kmyfirewall.tdevelop Finish rename from prior commit 13 years ago
stamp-h.in Added old abandoned KDE3 version of kmyfirewall 15 years ago
subdirs Added old abandoned KDE3 version of kmyfirewall 15 years ago

README

Content:
	
	* About KMyFirewall
	* Release Notes
	* Hacking
	* Packaging
	* Reporting Bugs
	* Contact


About KMyFirewall
-----------------

KMyFirewall attempts to make it easier to setup IPTables based firewalls on
Linux systems.  It will be the right tool if you like to have a so called
"Personal Firewall" running on your Linux box, but don't have the time and/or
the interest to spend hours in front of the IPTables manual just to setup a
Firewall that keeps the "bad" people out.

There is also the possibility to save entire rule sets, so you only have to
configure your rule set one time and then you can use it on several computers
giving each of them a similar configuration (p.e. school networks, office,
university etc.). For a complete list of the features have a look at the
Features section

Programs can't do any magic so you still will have to know what your firewall
should do to setup your rule set. KMyFirewall just tries to help you as much as
possible, but you decide what it will do. 


Release Notes 
-------------

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Important: As the file format used to save the rulesets has changed,   !!!
!!! rulesets created with KMF < 1.0beta1 WILL NOT work, don't even try it! !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Since the last stable release KMF has been completely rewritten in order to be 
even more flexible and on the other hand easier to use.

New plugin framework

Most parts of the application has been rewritten introducing a plugin framework
that allows to add new IPTables rule option editors to be written within a few
hours (well maybe days depends on the options complexity :).  This will allow
us (and contributors) to easily implement the fast growing number of IPTables
ruleoptions without the need of understanding the whole application.

The backend generating the IPTables rules itself has been extended to allow the
registration of new rule options by defining them in an XML description file.
For a detailed description about how to write such plugins have a look at the
application handbook in the current CVS version.  So feel free to contribute
plugins, there are lots of options still not implemented.  


New Easy-To-Use platform independant interface

As I often got mails complaining about the to complex nature of KMF and the
very limited possibilities the wizard provides i simply removed the wizard and
implemented a completely new interface.  


Features of the new Interface

As the new interface works on an abstract descrioption of the generated rules
the new plugin structure allows us top implement script compilers that support
other firewalling backends than just netfilter/iptables.

To support a new tool kit it is required to write a compiler and an installer
plugin for the new framework. Currently just the iptables/linux compiler and
installer is implemented. As with the rule option plugins of the IPTables
interface it shouldn't bee too much work to develop those plugins.  


IPTables vs. Generic interface

The main difference between those two interfaces is that the new Generic
Interface is OS and toolkit independant while the IPTables interface is an
improved version of the well known KMF GUI and therefore tight bound to the
netfiler/iptables toolkit and can therefore only be used with Linux as
operating system.  


Why two different interfaces?

Especially when concerning security related applications you (as developer)
need to decide if you like to build an application used by expert users (e.g.
experienced system administrators) or if you like to provide a tool that
everybody can handle.

It hasn't been an easy decision to implement one interface for each user group
but after pondering about concepts to merge those two requirements into one
interface we decided that it is much better to seperate them.  This allows us
to concentrate on the wishes and wanted features for each of the user groups.


Reporting Bugs
--------------

If you found a bug in please do not hesitate to drop an e-mail to
chubinger@gmail.com or use the "Report Bug..." dialog from the Help menu.  


Hacking
-------

As you can see this thing gets quiet big so every kind of help
(coding, docs, translations) is very welcome. Please don't hesitate to contact me
(chubinger@gmail.com) if you have some ideas, patches, wishes or whatever.


To ease the development for writing KMyFirewall plugins i've wrote a small
howto about implementing such plugins which may be a good starting point for
getting involved in the development process. It can be found in menu "Help ->
KMyFirewall Handbook" in the Development section or have a look at the project
website at http://kmyfirewall.sourceforge.net


Packaging
---------

If you are intereseted in packagin KMyFirewall do not hesitate to contact me.
As my time is quite linited i cannot package KMF on my own so if you like to 
you will be very welcome. Just drop me an e-mail


Contact
-------

Do not hesitate to contact me via e-mail at chubinger@gmail.com if you have
questions, problems or what ever concerning KMyFirewall.  

For the latest news about KMyFirewall have a look at
http://kmyfirewall.sourceforge.net