This is the project homepage for KMyFirewall, an based firewall configuration tool for running on Linux based systems.
KMyFirewall attempts to make it easier to
setup IPTables based firewalls on Linux systems.
It will be the right tool if you like to have a so called "Personal Firewall" running on your Linux box, but don't have the time and/or the interest to spend hours in front of the IPTables manual just to setup a firewall that keeps the "bad" people out.
One of the key features of KMyFirewall is its use of "workday configurations." These configurations are pre-defined sets of firewall rules that are designed to meet the needs of typical home and small business users. For example, there may be a workday configuration for a user who wants to allow incoming connections for certain services, such as SSH and HTTP, while blocking all other incoming connections.
The firewall has the ability to save entire rulesets, so you only have to configure your ruleset one
time, and then you can use it on several computers giving each of
them a similar configuration (p.e. school networks, office,
university, etc.). For a complete list of the features have a look
at the Features
Programs can't do any magic, so you still will have to know what your firewall should do to setup your ruleset. KMyFirewall just tries to help you as much as possible, but you decide what it will do.
Since the last stable release, the user interface has been expanded to enable easier and more flexible configuration for both advanced and novice users. Also NAT support has become far more accessible to setup.
Just give it chance...
Important: As the file format used to save the rulesets has changed, rulesets created with KMF < 1.0beta1 WILL NOT work, don't even try it!
Donatas Glodenis provides KMyFirewall 1.1.1 and patched kdesudo packages for Ubuntu/Kubuntu at
thanks for his support!
As reported by Donatas Gloden the installation process in version 1.1.0 is seriously broken - IT DOES NOT INSTALL A VALID SCRIPT!
So please Update to v1.1.1 that i've just released on sf.net if you are using 1.1.0!
With great thanks to Donatas Glodenis here is a much better fix solving the "kdesu -t issue". Here are the instructions form his email:
The kdesudo version 2.1, available for the coming version of Ubuntu Hardy Heron (8.4), already has the -t option implemented. You can build your own kdesudo package for gutsy by following these steps: 1. Download these packages from the repositories: $ wget http://archive.ubuntu.com/ubuntu/pool/main/k/kdesudo/kdesudo_2.1-0ubuntu1.dsc $ wget http://archive.ubuntu.com/ubuntu/pool/main/k/kdesudo/kdesudo_2.1.orig.tar.gz $ wget http://archive.ubuntu.com/ubuntu/pool/main/k/kdesudo/kdesudo_2.1-0ubuntu1.diff.gz 2. setup sources: $ dpkg-source -x kdesudo_2.1-0ubuntu1.dsc 3. Build package: $ cd kdesudo-2.1/ $ sudo apt-get build-dep kdesudo $ dpkg-buildpackage -rfakeroot -uc -b 4. Install package $ cd ../ $ sudo dpkg -i kdesudo*.deb Here is the apt-get source for KMyFirewall and the patched KDEsudo http://dg.lapas.info/share/paketai/ubuntu-gutsy/greetings,
Well, it has been a while since the last release, almost 2 years ;)
Sorry for the slow progress until now, but i hope the new KMyFirewall 1.1.0 release will excuse the long waiting.
This release includes lots of cool new features (e.g. multi target configuration, remote installation etc.) and fixes all known bugs. Again the document format has changed a bit but i did my best to make it compatible with rule sets created using v1.0.x
Main New Features
Multi Target Configuration & Remote firewall control
With KMyFirewall 1.1.0 you are now able to define so called Targets (accessible in the MyNetwork View), those are the computers you like to manage using KMyFirewall.
After configuring a Target (IP address and SSH port) you simply set it as the "Active Target" and edit it's rule set as you did for localhost. The only requirement is that the target allows SSH connections and has a bash shell installed.
With the help of KDE's KIO technology you can install, run, show configuration etc. on the remote host, as you did on localhost before.
All communication between KMyFirewall and the target is encrypted using SSH.
New Undo/Redo Engine
As consequence to the lots of trouble the current undo/redo implementation has made, i re-designed it and as result the engine is faster, more reliable and much easier to use as a developer.
Custom Protocols (Generic Interface)
This solves on of the most annoying problems of the Generic Interface. In KMyFirewall's settings dialog you now can define your own protocols.
So if you find any important protocol still missing, simply create it and if you like send it to chubinger_AT_irrsinnig_DOT_org so that i can add it for the next release. (For the future i plan to implement a KHotNewStuff service to allow online updates of the protocol library.)
Improved Auto Configuration
The auto configuration capabilities have been moved to a small bash script and therefore can also be used for remote targets. If your system is not detected correctly please send your configuration to chubinger_AT_irrsinnig_DOT_org so that i can add them to the auto configuration script.
So finally i just like to say have fun managing your firewalls using KMyFirewall 1.1.0
Feedback and burg reports are very welcome.