Customizing Linux Iptables With Jay's Iptables Firewall

Jay's Iptables Firewall is a bash script that makes it easy to install and configure a firewall on a Linux system. It was initially written for use on a home LAN, but it can be extended to any type of network since support for multiple interfaces was added. The basic features are sharing an Internet connection over a LAN, forwarding TCP or UDP ports over the LAN (for programs that need to be directly connected to the Internet, for example to receive files via ICQ, eDonkey, KaZaA, ...), logging of prohibited access attempts, and more.


The firewall is very restrictive: "All incoming traffic is blocked except ...". It filters on the IP, TCP, UDP, and ICMP headers, and protects against DDoS (Distributed Denial of Service) attacks, Smurf attacks (participation in a DDoS), invalid source IP addresses, and much more.


    · Access control to TCP/UDP ports
    · TCP/UDP Flags Control
    · ICMP Control
    · UDP/TCP ports forwarding
    · SYN flood control (Distributed Denial of Service)
    · Spoofing control (bad source IPs)
    · Denying hosts (IP/MAC)
    · Spyware IP list included
    · NAT/Masquerading (Internet sharing over a LAN)
    · Support for tunneling with restricted access on ports (like vtund)
    · Support for multiple internal interfaces
    · Support for multiple external interfaces
    · Setting up Type Of Service (TOS)
    · Support for custom rules
    · Support for Pre/Post scripts
    · Support for ZorbIPTraffic
    · Logging of bad attempts
    · And more ...

Unfortunately, this tool is no longer maintained, but the files and documentation are still available from the project site linked below.

Links:
http://firewall-jay.sourceforge.net/