pyroman_0.5.0-1_all.deb


Advertisement

Description

pyroman - Very fast firewall configuration tool

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe amd64
Package name: pyroman
Package version: 0.5.0
Package release: 1
Package architecture: all
Package type: deb
Installed size: 243 B
Download size: 35.34 KB
Official Mirror: archive.ubuntu.com
Pyroman is a firewall tool written in Python for complex networks, but it can of course also handle simple single-host-single-link setups. Interesting features: * Fast, due to use of iptables-restore for mass setting of rules * Rollback to previous firewall configuration on errors * Safety options to prevent mistakes in configuration (success confirmation prompt and/or scripted external verification) * Detailed error reporting * Lots of verification checks done before execution * Powerful yet clean configuration files (in Python and/or XML) * Designed for multiple hosts, firewalls, networks * Consistent firewalls for IPv4 and IPv6 Pyroman is inspired by Shorewall and FireHOL, but tries to improve upon them with respect to performance and ease of configuration. Pyroman currently only configures iptables/netfilter firewalls, it does not include configuration utilities for setting up VPN or traffic shaping.

Alternatives

    Download

    Binary package: pyroman_0.5.0-1_all.deb
    Source package: pyroman

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install pyroman deb package:
      # sudo apt-get install pyroman

    Files

    • /etc/default/pyroman
    • /etc/init.d/pyroman
    • /etc/pyroman/00_iptables-defaults.py
    • /etc/pyroman/01_loopback.py
    • /etc/pyroman/02_icmpv6.py
    • /etc/pyroman/03_standard_chains.py
    • /etc/pyroman/04_conntrack.py
    • /etc/pyroman/10_interfaces.py
    • /etc/pyroman/20_services.py
    • /etc/pyroman/25_networks.py
    • /etc/pyroman/README
    • /lib/systemd/system/pyroman.service
    • /usr/lib/python2.7/dist-packages/pyroman/__init__.py
    • /usr/lib/python2.7/dist-packages/pyroman/chain.py
    • /usr/lib/python2.7/dist-packages/pyroman/commands.py
    • /usr/lib/python2.7/dist-packages/pyroman/exception.py
    • /usr/lib/python2.7/dist-packages/pyroman/host.py
    • /usr/lib/python2.7/dist-packages/pyroman/interface.py
    • /usr/lib/python2.7/dist-packages/pyroman/iptables.py
    • /usr/lib/python2.7/dist-packages/pyroman/iptables_parse.py
    • /usr/lib/python2.7/dist-packages/pyroman/nat.py
    • /usr/lib/python2.7/dist-packages/pyroman/port.py
    • /usr/lib/python2.7/dist-packages/pyroman/pyroman.py
    • /usr/lib/python2.7/dist-packages/pyroman/rule.py
    • /usr/lib/python2.7/dist-packages/pyroman/service.py
    • /usr/lib/python2.7/dist-packages/pyroman/util.py
    • /usr/lib/python2.7/dist-packages/pyroman/xmlsyntax.py
    • /usr/sbin/pyroman
    • /usr/share/doc/pyroman/README.Debian
    • /usr/share/doc/pyroman/changelog.Debian.gz
    • /usr/share/doc/pyroman/copyright
    • /usr/share/doc/pyroman/examples/base/00_iptables-defaults.py
    • /usr/share/doc/pyroman/examples/base/01_loopback.py
    • /usr/share/doc/pyroman/examples/base/02_icmpv6.py.gz
    • /usr/share/doc/pyroman/examples/base/03_standard_chains.py
    • /usr/share/doc/pyroman/examples/base/04_conntrack.py
    • /usr/share/doc/pyroman/examples/base/10_interfaces.py
    • /usr/share/doc/pyroman/examples/base/20_services.py
    • /usr/share/doc/pyroman/examples/base/25_networks.py
    • /usr/share/doc/pyroman/examples/base/README
    • /usr/share/doc/pyroman/examples/example1/03_standard_chains.py
    • /usr/share/doc/pyroman/examples/example1/06_ssh_scanner_block.py
    • /usr/share/doc/pyroman/examples/example1/10_interfaces.py
    • /usr/share/doc/pyroman/examples/example1/21_extra_services.py
    • /usr/share/doc/pyroman/examples/example1/26_broadcasts.py
    • /usr/share/doc/pyroman/examples/example1/31_firewall.py
    • /usr/share/doc/pyroman/examples/example1/32_mail.py
    • /usr/share/doc/pyroman/examples/example1/33_web.py
    • /usr/share/doc/pyroman/examples/example1/80_workstations.py
    • /usr/share/doc/pyroman/examples/example1/98_log.py
    • /usr/share/doc/pyroman/examples/example1/README
    • /usr/share/doc/pyroman/examples/personal-firewall/05_skype.py
    • /usr/share/doc/pyroman/examples/personal-firewall/10_interfaces.py
    • /usr/share/doc/pyroman/examples/personal-firewall/25_networks.py
    • /usr/share/doc/pyroman/examples/personal-firewall/30_localhost.py
    • /usr/share/doc/pyroman/examples/xml/00_iptables-defaults.xml
    • /usr/share/doc/pyroman/examples/xml/01_loopback.xml
    • /usr/share/doc/pyroman/examples/xml/03_standard_chains.xml
    • /usr/share/doc/pyroman/examples/xml/04_conntrack.xml
    • /usr/share/doc/pyroman/examples/xml/10_interfaces.xml
    • /usr/share/doc/pyroman/examples/xml/20_services.xml
    • /usr/share/doc/pyroman/examples/xml/25_networks.xml
    • /usr/share/doc/pyroman/examples/xml/30_localhost.xml
    • /usr/share/man/man8/pyroman.8.gz
    • /usr/share/pyshared/pyroman/__init__.py
    • /usr/share/pyshared/pyroman/chain.py
    • /usr/share/pyshared/pyroman/commands.py
    • /usr/share/pyshared/pyroman/exception.py
    • /usr/share/pyshared/pyroman/host.py
    • /usr/share/pyshared/pyroman/interface.py
    • /usr/share/pyshared/pyroman/iptables.py
    • /usr/share/pyshared/pyroman/iptables_parse.py
    • /usr/share/pyshared/pyroman/nat.py
    • /usr/share/pyshared/pyroman/port.py
    • /usr/share/pyshared/pyroman/pyroman.py
    • /usr/share/pyshared/pyroman/rule.py
    • /usr/share/pyshared/pyroman/service.py
    • /usr/share/pyshared/pyroman/util.py
    • /usr/share/pyshared/pyroman/xmlsyntax.py

    Changelog

    2014-10-19 - Erich Schubert <erich@debian.org> pyroman (0.5.0-1) unstable; urgency=medium * Upstream tagged final (no changes) * Improve systemd service file: check /etc/default/pyroman * Improve systemd service file: run inbetween network-pre and network * Do not autostat pyroman - usually not configured

    2014-02-15 - Erich Schubert <erich@debian.org> pyroman (0.5.0~beta2-1) unstable; urgency=medium * Add ICMPv6 default rules, following RFC 4890 * Please help testing and improving IPv6 support! * Do *not* enable systemd service by default, as the default configuration would block any networking!

    2013-08-12 - Erich Schubert <erich@debian.org> pyroman (0.5.0~beta1-1) unstable; urgency=low * Let's call this a beta release. No negative feedback on the alpha for a year, but as this includes new functionality (IPSec) I want to give this version some extra time. * Merge patch to support IPSec by Wil Tan (Closes: #719054) * Skip "ah" protocol for IPv6. You would need to use the header match! * Use dh-systemd for better systemd support (Closes: #715248) * Drop patch hotfix-nat.patch, included in new SVN checkout. * Some minor packaging cleanups (empty dir) * Update to standards 3.9.4 * Use machine-readable copyright information format

    2012-06-12 - Erich Schubert <erich@debian.org> pyroman (0.5.0~alpha1-3) unstable; urgency=low * Upload to unstable, to get more feedback on IPv6 support * Add systemd service file. Enable pyroman via: systemctl enable pyroman

    2011-08-18 - Erich Schubert <erich@debian.org> pyroman (0.5.0~alpha1-2) experimental; urgency=low * Fix Nat support, discovered by trying to regenerate the 1300+ lines iptables of a four-if hot-standby firewall.

    2011-08-17 - Erich Schubert <erich@debian.org> pyroman (0.5.0~alpha1-1) experimental; urgency=low * New pre-release with experimental IPv6 support. * Please help me test and debug!

    2011-07-25 - Erich Schubert <erich@debian.org> pyroman (0.4.6-5) unstable; urgency=low * Switch to quilt source format * Use debhelper 7 instead of CDBS * Use dh_python2 * Update to policy 3.9.2.0 (no changes) * Yes, this project is still alive. It just does all I currently need.

    2010-06-09 - Erich Schubert <erich@debian.org> pyroman (0.4.6-4) unstable; urgency=low * Try to ensure python-support has run before we run the init script.

    2010-06-03 - Erich Schubert <erich@debian.org> pyroman (0.4.6-3) unstable; urgency=low * Fix init script missing dependency on $remote_fs * Increase debhelper level to 7 * Also update to latest policy 3.8.4.0 (no changes)

    2009-02-28 - Erich Schubert <erich@debian.org> pyroman (0.4.6-2) unstable; urgency=low * Call dh_pysupport in binary-install instead of install target to make it build with python-support from experimental (Closes: #516903) * Resolve lintian warnings * Remove prerm, postinst scripts that cleaned up early (pre-lenny) versions.

    Advertisement
    Advertisement