1. WHAT IS IPKUNGFU?
  2. WHO SHOULD USE IPKUNGFU ?
  3. HOW DOES IT WORK ?
  4. WHERE CAN I GET THE LATEST VERSION ?
  5. I HAVE A QUESTION THAT IS NOT ANSWERED IN THIS DOCUMENT.
  6. HOW DO I RUN IPKUNGFU ?
  7. WHAT DO I NEED TO RUN IPKUNGFU ?

Welcome to IpKungFu's Development Site

WHAT IS IPKUNGFU?

IPKungFu is an iptables-based Linux firewall. The primary design goals are security, ease of use, and performance, in that order. It takes advantage of advanced features of iptables, tcpwrappers, and the Linux kernel. IPKungFu can handle a wide array of configurations, and supports Internet connection sharing, multiple virtual hosts, IP forwarding, IP masquerading, configurable logging, string matching and much more. It is designed with both the novice and the expert in mind with its simple and easy to use installer, and various configuration files.

WHO SHOULD USE IPKUNGFU ?

Anyone who wishes to simplify the creation of an iptables-based firewall. Additionally, anyone who would like a simple method of configuring a Linux machine to share its Internet connection.

HOW DOES IT WORK ?

It takes configuration directives from the files in /etc/ipkungfu and uses them, along with some information gathered from your system, to build a firewall using iptables and sysctl. It is primarily an interface to iptables, which in turn is an interface to the Linux kernel's netfilter code.

WHERE CAN I GET THE LATEST VERSION ?

IPKungFu can be obtained from here, from http://linuxkungfu.org and from http://freshmeat.net/ipkungfu.
Please send bug reports to bugreport@linuxkungfu.org, or even better register to this site and submit a new ticket.

I HAVE A QUESTION THAT IS NOT ANSWERED IN THIS DOCUMENT.

First read the FAQ. Your question may be answered there.
You may post questions at http://freshmeat.net/ipkungfu, you may also be able to find the developers on IRC at: irc.freenode.net channel: #ipkungfu.

HOW DO I RUN IPKUNGFU ?

Running IPKungFu is done in a few simple steps. (as root)

  1. Download and unpack the source.
  2. Run the installation script.
  3. Edit configuration files in /etc/ipkungfu to taste.
  4. Execute ipkungfu. (/usr/local/sbin/ipkungfu)

WHAT DO I NEED TO RUN IPKUNGFU ?

IPKungFu requires a Linux kernel of 2.4.x or higher. The following should be compiled into your kernel or as a module. Note that most Linux distributions already have much of this already, especially the required section. If you have other firewalls running, you should disable or uninstall them first to avoid conflict.

Required:

  • connection tracking
  • IP tables support
  • connection state match support
  • REJECT target support
  • full NAT
  • MASQUERADE target support
  • packet mangling
  • TOS target support
  • LOG (and/or ULOG) target support
  • multiple port match support

Highly recommended:

  • FTP protocol support
  • IRC protocol support
  • limit match support
  • REDIRECT target support
  • NAT of local connections

Optional:

  • ULOG target support
  • MIRROR target support
  • string match support
  • iplimit support
  • recent match support
  • psd match support
  • nth match support
  • tcp syncookie support

Currently IPKungFu does not support IPv6

Don't forget to also check:

You're a developer, check also: