NuFW

NuFW lays on Netfilter, the state of the art IP filtering layer from the Linux kernel. It fully integrates with Netfilter and extends its capabilities.

The daemons currently run on Linux and software clients are available for Windows, Linux, FreeBSD et Mac OSX.

Its exclusive algorithm allows authenticated filtering even on multiuser computers. For a more precise presentation see NuFW Motivation.

NuFW has its own website: http://www.nufw.org/.

You can discuss about NuFW and ask questions on INL's forums.

Download

Download stable version of NuFW.

NuFW's Source are available for browsing

You can also checkout last code from subversion:

svn co http://software.inl.fr/svn/mirror/edenwall/nufw/trunk/nufw/

An idea on the status of the code can be obtained by looking at the results of automated tests system: https://buildbot.inl.fr.

Documentation

Installation guides

• NuFW Handbook (download as PDF)
• NuFW Troubleshooting
• Install NuFW and NuLog on Debian
• Compiling NuFW for Fedora Core 6
• Short installation guide (minimal test of NuFW)
• Read also README and INSTALL from source code

Usage

• Reference (download as PDF)
• Technical FAQ
• General FAQ
• Using periods in NuFW acls
• Netfilter documentation
• Modules:
  • log_mysql module usage
  • auth_mysql module usage
  • Interface name mapping usage
  • Using LDAP in NuFW
  • NuFW and quality of service (QoS)
  • Using pam_nufw
• NuFW trunk doxygen (developer documentation)

Developers

• Porting GnuTLS code into NuSSL

Where to find help ?

If you encounter some problems, you can ask question on these places :

• By IRC on channel #nufw (or #nufw-fr for french speaking people) on freenode
• On INL forums: http://forums.inl.fr/
• Via the mailing-lists:
  • NuFW users for user discussion
  • NuFW devel for developer discussion

Documentation en français (french)

• Article MISC n°18 (Introduction à NuFW): article published in MISC security magazine n°18
• Présentation de NuFW lors de Solutions Linux 2007 (download as SXI, OpenSource)

Old documentations

• Testing NuFW 1.0
• HOWTO NuFW 2.0 (download as PDF)
• HOWTO NuFW 1.0 (download as PDF)
• NuFW 2.0 doxygen documentation

Possible problems and bugs

Here's the possibly empty list of known bugs:

#323

Aboutlstxk

#324

аппа

#337

my_tt

NuFW development

Next, NuFW release will be 2.4.

Planned features include : No results

Among other, the following have been implemented:

#18

Cache system: Avoid key generation during FREE_MESSAGE

#23

Logging nufw connections and disconnections

#30

Running several nutcpc having different hostname

#34

Enhance client protocol to detect NAT

#38

libnuclient should only authenticate packets when IPs match

#64

log_nuprelude should log IP of nufw server in analyzer

Planned features for 2.6

Work on NuFW 2.6 has not yet started, but the list of upcoming features is here (if not empty): No results

Contact and Support

• Communauty support : mailing lists, IRC, forums.
• Commercial support: INL provides for installation, configuration and maintenance of all Nufw components.

Single Sign On

• Squid: squid_nufw_helper
• Apache: mod_auth_nufw

Error: Failed to load processor WikiInclude

No macro or processor named 'WikiInclude' found