Many tools exist to help set up a firewall and create the rules
necessary for Linux. In general, these tools fall into
two major categories:
- Specific tools:
- Many firewall scripts help the user to set up a
firewall for a special purpose. These tools offer little or no
configuration, as they are made with a simple
purpose in mind. Examples are scripts that set up a masquerading
firewall with only one internal network. Configuration is mainly done
by editing the source code (usually accompanied by good
comments on where and what to change). These scripts are usually
targeted at the general public, where a firewall protects a single home
LAN from attacks from the Internet.
- Generic tools:
- Tools that are extensible and not limited to
a specific network setup fall into this category. Setup is usually
done with no modifications to the source code, and users are
required to have extensive knowledge of network setup and security
issues.
Hundreds of scripts fall into the specific tools category,
while only very few are generic tools. Among the generic tools are:
- Shorewall:
- Shorewall[3] seems to be the most attractive alternative
to FIAIF. The term zones is also used in this
product. Configuration is said to be somewhat more difficult than
FIAIF, and configuration is not split into zone configuration files.
- Mandrake: Multi Network Firewall:
- This commercial firewall[6]
supports definitions of multiple security zones and virtual
private networks (VPN), and is configurable through a web interface. The
product is commercial, and costs in the area of $2000. As
Mandrakesoft has filed for bankruptcy, the stability of relying on this
commercial firewall is somewhat questionable.
Anders Peter Fugmann
2011-03-20