Vuurmuur developments

Posted on Jan 12, 2007

This is my first blog post in 2007, so let me start by wishing everyone a good and healthy new year. In the new year I finally released a new version of Vuurmuur. It was the longest period between two releases, the last one was in April 06. The last year has been pretty hectic, with my graduation, looking for work, and now working… Also I’ve been stepping up work on Snort_inline and Modsec2sguil, which all took away coding time from Vuurmuur.

Of course, just after the new release came out, I discovered some problems with the connection killing functionality, and a new alpha release partly fixing that is already out. Partly, since I have yet some fixes to make. The release got a fair amount of publicity since it was mentioned on the Dutch computer enthousiast site tweakers.net. The server that hosts the wiki (and the screenshots) nearly colapsed under the requests, but luckily I could adapts it’s config in time to bring the load down from 18 to 2.

Looking ahead, I intent to get a new release out fairly quickly, hopefully even this month. The focus of this release will be fixing the bugs from 0.5.72. Looking further ahead main focus will be the setup wizard, that should help new users to get going quickly. Adi is working on an updated autobuild server that can also support the newer versions of Debian and Ubuntu. He will also be looking at adding support for rpm-building.

I’m also thinking about modifying the iptables rules that Vuurmuur creates, to better handle traffic marking, add support for the classify target and support nfqueue. But it will be a while before work on that will start…