Index of /achilles/firewalls/sf
Name Last modified Size Description
Parent Directory -
Changes-0_2.9 29-Dec-2005 10:59 1.7K
sf-0_1_tar.gz 29-Dec-2005 10:59 420K
sf-0_2_9_tar.gz 29-Dec-2005 10:59 338K
----------------------------------------------------------------------
sf Firewall Software -- a TCP/IP packet filter for Linux
Copyright (C) 1996 Robert Muchsel and Roland Schmid
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
Please address all correspondence concerning the software to
firewall-bugs@switch.ch.
----------------------------------------------------------------------
This is version 0.2.9 of the firewall software. It requires Linux 2.0.x
and will not work with earlier kernel versions (there is a version
which supports the 1.2.x kernels, please get sf-0.1.tar.gz).
Documentation is supplied in HTML format (to print, please use your Web
browser).
Please read the installation section in the user's guide (user.htm)
before trying to compile and install the software!
Feel free to report any problems, bugs, suggestions and comments to
firewall-bugs@switch.ch.
You can get the latest version of the software from
ftp://ftp.switch.ch/software/sources/network/sf.
QUICK OVERVIEW
--------------
The sf packet filter & firewall is a free and easy way to protect your
network from the daily threats of the Internet. It does not guarantee
perfect security, however it comes with a wealth of features, including:
- filtering of all header fields in the IP,TCP,UDP,ICMP,IGMP packets
- intelligent RIP and FTP support
- easy to understand, text-based configuration
- dynamic rules, including counters and time-outs
- extensive logging, alerting, and counter intelligence
- prevention of packet and address spoofing
- GNU GPL license :-)
To install the software, you need a Linux 2.0.x based system. We suggest
you install a bare-bone system without X or any of the other nifty
features which tend to have security holes. You should not install user
accounts on the firewall system. Log-ins other than from the console
should be forbidden (if you absolutely have to log in remotely, we
strongly suggest you install a copy of ssh, http://www.cs.hut.fi/ssh).
Although the software has been subject to thorough testing, and has been
continuously running without crashes for over 12 months, we are confident
someone will eventually unconver A BUG in the software. Therefore,
it is version "0.2.9".
Please do not use this software as the sole means to protect your top
secret data. This software is intended for
- people who want to study firewalls
- people who don't trust their current firewall
- and people who currently don't have any protection at all (even if
there are serious bugs, it cannot get worse, can it?)
If you have trouble installing or configuring the software despite the
comprehensive documentation, or if you seek advice in security related
issues, feel free to e-mail to firewall-bugs@switch.ch. However, please
understand we cannot provide consulting services for free.