Context Navigation

Nuface

Nuface

NUFACE 1.2 IS OUTDATED, USE NUFACE 2.0!

News

Oct 5th, 2007 : Nuface 1.2.8
Changelog :

Fixed bug when auth subject with ipv4 address on included nets.
Fixed bug when remote ipsec router is not in a net in desc.
Added DTD describing desc.xml v1.3.
[1.2.7] Added init script to block (drop) input and forward traffic until the real firewall rules are started.

Sep 10th, 2007 : Nuface 1.2.6
Changelog :

Deal with IPSEC networks properly
Fixed a very small, rare session bug

Sep 3rd, 2007 : Nuface 1.2.5
Changelog :

Introduced new option : "$disable_check_net" for tricky network topologies
Fixed bug in index: language persists through the session.
More VPN (ipsec) compatibility.
Various interface bugfixes, especially for 100% non-NuFW firewalls.

July 4th, 2007: Nuface 1.2.4
Changelog :

Bugfix : when deleting any NAT objects, DNAT objects were wrongly altered.
Ergonomy : when editing a link object, a html 'href' link is now available to the pointed object.

June 8th, 2007: Nuface 1.2.3 is out!
Changelog summary :

New tool with a text-based interactive interface to generate desc.xml files.
New functional test infrastructure to avoid regressions.
Nulayer7 fix (when conjointly used with NuFW).
Makefile fixes.

March 15th, 2007: Release of Nuface 1.2.2
Changes are :

Nupyf fix for a specific network architecture.
New manpages.
Debian package fixes.

March 6th, 2007: Here is Nuface 1.2.1
Changes from 1.2.0 :

Performance improvements both in Nuface and nupyf.
Fixed a couple of minor bugs in the Layer7 interface.
Makefile fix.
Some i18n was missing.

Feb 21st, 2007: Nuface 1.2.0 is out!
Changelog summary :

Finer ordering of ACLs.
Layer 7 filtering support, thanks to the excellent Layer7 linux patch.
Many tiny bug and ergonomy fixes.

Description

Nuface is an intuitive firewall configuration interface for EdenWall/NuFW as well as for Netfilter. It lets you use high level objects, agglomerate objects into ACLs, and deals with generating Iptables rules as well as LDAP Acls for NuFW.

Nuface screenshots are available, as well as an online demonstration.

Architecture

The NuFace project is made of a frontend, written in PHP, and a backend, named nupyf , written in Python. The frontend's job is to generate a XML file. That XML file describes network and authentication objects, as well as ACLs designed by the administrator. The backend, in turn, converts that XML data into system commands and scripts, in order to apply the filtering rules. The backend can, of course, receive commands from the web interface. In fact, a complete NuFace installation requires no console administration to modify/reload firewall rules.

The tarballs include both the frontend and the backend.

Download

1.2 and 1.0 tarballs are available from the Downloads area.

Versioning

The stable version of NuFace is 1.2. You can checkout the source of the 1.2 branch :

svn co http://software.inl.fr/svn/mirror/edenwall/nuface/branches/nuface-1.2/

and the old stable branch is still available at :

svn co http://software.inl.fr/svn/mirror/edenwall/nuface/branches/nuface-1.0/

Source code is available for browsing at Nuface trunk Subversion tree

You can also checkout the source :

svn co http://software.inl.fr/svn/mirror/edenwall/nuface/trunk/ nuface

License

Nuface is distributed under the terms of the GPL v2 license.

Demo

You can test nuface at the Nuface demo site. Of course you won’t be able to generate or apply firewall rules on this demo.

Dependencies

IPy Python module is needed by nupyf.

Installation

Please see the enclosed documentation (INSTALL file).

Online documentation

Stable branch

Old stable branch

Tickets

No results

Support

You can find help for Nuface on INL's forums or on the Mailling list.

INL provides commercial support for installation, configuration and maintenance of all Nufw components.

Error: Failed to load processor WikiInclude

No macro or processor named 'WikiInclude' found

Download in other formats:

Plain Text