Turtle Firewall allows you to configure a Linux firewall in a simple and fast way. It is based on Netfilter iptables. Its operation is easy to understand: you define the different firewall elements (zones, hosts, networks, geoips, ipsets) and then set the services (port, dpi) you want to control (allow, deny, ratelimit, log) among the different elements or groups of elements. You can do this by simply editing an XML file or by using the Webmin web interface.
Turtle Firewall is an Open Source project written in the Perl language and released under GPL version 2.0 by Andrea Frigido (Frisoft).
Features:
- Time, GeoIP and nDPI Support.
- Blacklists and Flow Risks.
- Rate Limit Support.
- Logging per Rule. ( target ACCEPT logs flow, target DROP/REJECT logs action )
- Flow Statistics. ( via Netflow nDPI classified historical flow data to disk )
- Connection Marking. ( for use with tc and iproute )
- Connection Tracking. ( for use with CT helpers )
- NAT Map to Port. ( for port redirection )
- Address Lists and CIDR Networks.
- Item Reference Lookup and Rule Order Configuration Support.
Requirements:
- expat library installed.
- XML::Parser perl module installed.
- Webmin installed. ( https://github.com/webmin/webmin )
- iptables command in PATH.
- Standard Netfilter kernel modules: nf_tables, nf_conntrack, xt_connmark, xt_time, xt_set, xt_tcpmss.
- Extra Netfilter kernel modules:
  - xt_ndpi ( https://github.com/vel21ripn/nDPI )
  - xt_geoip ( https://codeberg.org/jengelh/xtables-addons )
  - xt_ratelimit ( https://github.com/aabc/ipt-ratelimit )
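A preflight check for the requirements listed above, as an added example that is not part of Turtle Firewall. The function names are hypothetical, and it assumes the usual `/lib/modules/<release>/modules.dep` and `modules.builtin` layout plus the `/proc/modules` format; expat and Webmin are not checked.

```shell
#!/bin/sh
# Added example, not part of Turtle Firewall: preflight check for the
# requirements the README lists.
STANDARD="nf_tables nf_conntrack xt_connmark xt_time xt_set xt_tcpmss"
EXTRA="xt_ndpi xt_geoip xt_ratelimit"   # out-of-tree, built separately

# module_available NAME MODDIR PROCFILE
# Succeeds if NAME is loaded (PROCFILE, /proc/modules format), built into
# the kernel (modules.builtin) or installed as loadable (modules.dep).
module_available() {
    name=$1; moddir=$2; procfile=$3
    [ -r "$procfile" ] && grep -q "^$name " "$procfile" && return 0
    # Module file names may use '-' where the module name has '_'.
    pat=$(printf '%s' "$name" | sed 's/_/[_-]/g')
    for f in "$moddir/modules.builtin" "$moddir/modules.dep"; do
        [ -r "$f" ] || continue
        grep -Eq "(^|/)$pat\.ko(\.[a-z0-9]+)?(:|\$)" "$f" && return 0
    done
    return 1
}

# missing_modules MODDIR PROCFILE NAME... : prints the names not found.
missing_modules() {
    moddir=$1; procfile=$2; shift 2
    missing=""
    for m in "$@"; do
        module_available "$m" "$moddir" "$procfile" || missing="$missing $m"
    done
    printf '%s\n' "${missing# }"
}

# preflight MODDIR PROCFILE : report every unmet requirement, return 1 if any.
preflight() {
    rc=0
    command -v iptables >/dev/null 2>&1 || { echo "missing: iptables in PATH"; rc=1; }
    perl -MXML::Parser -e 1 2>/dev/null || { echo "missing: perl XML::Parser"; rc=1; }
    std=$(missing_modules "$1" "$2" $STANDARD)
    ext=$(missing_modules "$1" "$2" $EXTRA)
    [ -z "$std" ] || { echo "missing standard modules: $std"; rc=1; }
    [ -z "$ext" ] || { echo "missing extra modules (build from source): $ext"; rc=1; }
    return $rc
}

preflight "/lib/modules/$(uname -r)" /proc/modules || echo "requirements not met"
```

A missing extra module means a rule that uses nDPI, GeoIP or rate limiting cannot be loaded, so run the check before applying a ruleset that depends on those features.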
Big thanks to our contributors!
- John Cameron (netcons)
- Giampaolo Tomassoni
- Mark Francis
- Alain Terriault
- Jimmy Collins
- Joe MacDonald
- Chris Carter
- Patrik
- Fredrik Tuomas
- Karl Lovink
- Frank Förster