fmFirewall

Download v3.0.0

Requires: facileManager 4.6.0 or later

Last Updated: 2024-02-09

Filesize: 78 KB

Description

Manage one or more software firewalls without having to login to each server to update configuration files or policies. Just make your changes and build the configs all from the web interface. With fmFirewall, you can manage:

Manage your software firewall like a real appliance firewall with policy templates and object and service groups. iptables' time-based rules are also supported.

Version History

3.0.0 (2024-02-09)
==================
* Server - [feature] Added support for NAT rules in iptables.
* Server - [feature] Added support for defining UID in policy rules.
* Server - [feature] Added support for setting TCP flags in policy rules.
* Server - [feature] Added support for searching rules and objects.
* Server - [improvement] Removed unused dashboard.
* Server - [improvement] Firewall policy now displays a policy drop-down to choose from
           when no policy has been selected.
* Server - [improvement] Consolidated addresses and services into the Objects menu.
* Server - [improvement] CSS/jQuery tweaks to improve the popup boxes.
* Server - [improvement] Policy objects now have tooltips to expand on the contents.
* Server - [bug] Fixed PHP errors.
* Server - [bug] Fixed additional PHP8 compatibility errors. (Issue #582)

2.2.0 (2023-03-09)
==================
* Both   - [improvement] Added PHP 8.2 support. (Issue #558)
* Server - [bug] Object groups can no longer contain themselves.
* Server - [bug] Grab bars no longer show when there is only one item.

2.1.0 (2021-09-14)
==================
* Server - [improvement] Server configs can now be previewed when a client upgrade is available.
* Server - [bug] Fixed PHP error during policy edits.

2.0.3 (2020-11-27)
==================
* Server - [bug] Fixed Config Servers display with limited user permissions.
* Server - [bug] Fixed upgrade process retry attempts.

2.0.2 (2020-02-25)
==================
* Server - [bug] Fixed object and service creation/modification bug that was
           introduced in v2.0.0. (Issue #477)

2.0.1 (2019-10-01)
==================
* Server - [security] Fixed SQL injection. (Issue #475) (Fixed by shoeper)

2.0.0 (2019-10-01)
==================
* Server - [bug] Fixed PHP errors.
* Server - [improvement] Updated policy and time configurations with multiple tabs.
* Server - [improvement] Use font-awesome for negated displays.
* Server - [feature] Added policy templates.
* Server - [feature] Added support for policy names.
* Server - [bug] Fixed pf macro for multiple negated ports.
* Server - [improvement] Policy page now displays if options are set on a rule.
* Server - [feature] The pf 'quick' keyword is now an option.
* Server - [feature] Packet state for all firewall types can now be defined.
* Server - [improvement] CSS tweaks.
* Server - [security] Ensured header() calls are not skipped. (Found and reported
           by Arturs Danilevics, Oskars Vegeris, and Ivars Vids)

1.7.1 (2019-03-20)
==================
* Server - [bug] Fixed installs and upgrades with PHP 7.3.x. (Issue #436)

1.7 (2019-03-16)
================
* Client - [bug] Fixed start-up script location for Debian-based and Redhat-based
           systems. (Issue #426)
* Server - [improvement] Cleaned up redundant code.
* Client - [improvement] Added support for Scientific Linux. (Issue #431)
* Server - [improvement] CSS and icon changes.

1.6 (2018-12-15)
================
* Client - [improvement] Moved getInterfaceNames() to core.
* Server - [bug] Language fix.
* Server - [bug] Fixed display-process-all functionality.

1.5 (2017-12-13)
================
* Server - [improvement] Moved the grab CSS/JS to the core for other modules to use.
* Server - [improvement] Pagination is now displayed even with no items.
* Client - [improvement] Removed duplicate function call.

1.4.2 (2017-08-07)
==================
* Client - [bug] Fixed firewall type detection during installation. (Issue #383)

1.4.1 (2017-07-06)
==================
* Server - [improvement] Updated German translation.

1.4 (2017-06-22)
================
* Server - [bug] Fixed the upgrade process.
* Server - [improvement] Replaced policy icons with Font Awesome fonts.
* Server - [improvement] Added bulk actions to several pages.
* Server - [improvement] Database errors now get displayed if the Show Errors
           setting is enabled.
* Server - [improvement] Added additional time restriction support based on newer
           versions of iptables.
* Server - [bug|improvement] Added more flexibility in choosing packet states
           with iptables. (Issue #364)
* Both   - [improvement] Code clean up.
* Server - [improvement] Code changes to better reference shared classes.
* Server - [improvement] Utilizes response error formatting.
* Server - [improvement] Pagination is added to all pages.
* Server - [improvement] Code clean up.
* Server - [improvement] Added reorder icon to the policy view.
* Server - [bug] Fixed if-up-pre.d script on Debian-based systems. (Issue #356)
* Server - [improvement] Unset large variables after use to free up system
           resources.
* Server - [improvement] Added item name to the delete confirmations. (Issue #185)
* Server - [bug] Added missing translation text and removed duplicates.
* Server - [feature] Use mysqli functions where available. (Issue #343)

1.3.1 (2016-07-21)
==================
* Server - [improvement] AJAX now redirects to login page when fM and module
           database updates are required.
* Client - [security] Improved permission support for files installed by the
           client. (Issue #320)

1.3 (2016-04-24)
================
* Client - Upgrading requires a manual installation using the steps in README.md.
* Both   - [improvement] Cleaned up duplicate functions to simplify code.
* Client - [improvement] Client app is renamed to client.php to standardize
           all module client apps.
* Server - [improvement] When the "Established connection packet" box is checked
           on a policy, the RELATED state is appended. (Issue #295)
* Server - [improvement] Updated help file.
* Server - [bug] Under certain browsers, the jQuery would not execute. (Issue #298)
* Server - [improvement] Server configuration previews are now available with
           disabled servers.
* Server - [improvement] Default fM interaction policies are more accurate for
           new servers based on their update method.
* Client - [bug] Now pulls network interface names from ip maddr when ifconfig
           is not available.
* Client - [improvement] Rules are now applied at system boot on debian-based
           systems. (Issue #309)

1.2.5 (2016-03-16)
==================
* Server - [bug] Fixed server configuration builds via cron. (Issue #294)

1.2.4 (2016-03-15)
==================
* Server - [bug] Fixed client installations. (Issue #293)
* Server - [bug] Fixed server configuration builds.
* Client - [bug] Fixed client interface detection.
* Server - [bug] Included missing upgrade function to define proper indexes.
* Server - [bug] Fixed module badge counts.

1.2.3 (2016-03-11)
==================
* Server - [bug] Enclosed database references in backticks in SQL statements. (Issue #290)

1.2.2 (2015-12-08)
==================
* Client - [bug] Fixed client upgrade loop.

1.2.1 (2015-12-07)
==================
* Server - [bug] fM defined temporary directory was not always used.

1.2 (2015-12-02)
================
* Server - [improvement] Improved performance.
* Server - [improvement] Replaced Add New image with Font Awesome icon.

1.1 (2015-04-27)
================
* Server - [feature] Added ability to update all servers with a single click on
           the top menu bar. (Issue #116)
* Server - [bug] Fixed server preview.
* Server - [bug] Fixed policy ordering.
* Server - [bug] Fixed bulk action checkbox logic.
* Server - [feature] Added i18n support (Issue #106).
* Server - [security] Added ability to enable/disable automatic client
           registration in the database. (Issue #122)
* Server - [bug] Fixed cursor hand when resorting the policy rules.
* Server - [improvement] jQuery is now used to enable/disable items.
* Server - [feature] Firewall version is displayed on the servers page. (Issue #180)
* Server - [improvement] Swapped /tmp for sys_get_temp_dir().
* Server - [improvement] SSH keys can now be saved if the file already exists.

1.0.4 (2014-12-30)
==================
* Server - [bug] Fixed policy ordering. (Issue #167)

1.0.3 (2014-08-20)
==================
* Server - [bug] Fixed some PHP errors.
* Server - [improvement] Gave the popups a facelift.
* Server - [improvement] Cleaned up some code.

1.0.2 (2014-06-04)
==================
* Server - [feature] Client auto upgrade minimum version is now dynamic.

1.0.1 (2014-05-15)
==================
* Both   - [bug] Fixed client upgrade versioning. (Issue #93)

1.0 (2014-05-14)
================
* Server - [feature] Added support for bulk server config builds. (Issue #71)
* Server - Added file extensions to all redirects and links.
* Server - Cleaned up code.
* Server - Moved module options into fM options table.
* Server - [security] Fixed a bug that could allow a user to manage object groups
           without permission to manage objects.
* Server - Uses new fM user capabilities backend.
* Server - Uses new fM menu platform.
* Server - [bug] Fixed button css.
* Server - [bug] Fixed display of comments containing carriage returns.

1.0-b4 (2014-03-24)
===================
* Server - Improved installer and upgrader error handling.

1.0-b3 (2014-03-18)
===================
* Server - [feature] Added visual effects for things that need user attention.
* Both   - [feature] Added support to auto-update client files. (Issue #53)
* Server - Improved upgrade error handling.

1.0-b2 (2013-12-24)
===================
* Server - [bug] Server update method can no longer be changed
           from the webui if the server is installed. (Issue #54)

1.0-b1 (2013-12-16)
===================
* Initial release.