Wednesday, August 25, 2010

Blocking SSH scanners

We recently updated a cookbook article about how to detect and temporarily block those annoying SSH scanners. You can read the article here:

Cookbook: Block SSH Scanners

Let us know if there are configuration recipes that you would like us to add to the cookbook, we are always looking for new ideas!

Tuesday, August 24, 2010

Firewall Builder User Survey

We just announced our latest User Survey. If you are a Firewall Builder User please take a few moments to share your thoughts with us by completing this survey:

Your input helps make sure we are working on the features that are most important to you.

Friday, August 20, 2010

Firewall Builder v4.1.1 released

We are happy to announce the release of V4.1.1. This release includes fixes for a number of minor bugs as well being the first release to officially support HP ProCurve ACL configuration. Thanks to a generous donation of several switches from HP we were able to test and finalize the ProCurve support. This release also fixes a critical bug in V4.1 related to Cisco IOS ACL configurations. Some configurations would cause Firewall Builder to incorrectly generate and error with the message "Can not find interface with network zone that includes address A.B.C.D.".

V4.1.1 has been tested, and we believe it to be ready for production use, but if you do find a bug or issue please let us know.

Our "stable" rpm and deb repositories now serve packages of v4.1.1 build 3243. Source code tar.gz archives and binary packages are also available for download from SourceForge:

Windows and Mac OS X packages can be downloaded from our web site at

Thursday, August 19, 2010

Website update

We launched an updated version of the Firewall Builder website ( tonight. Since we just released a new software version (V4.1) and have been continuing to evolve we thought it was a good time to update the site with some new content and update the look-and-feel a bit.

One of the main goals of the update is to make it easier for new users to understand what the Firewall Builder application does and how they can use it to more effectively manage their firewall configurations. We always love hearing your feedback, so let us know what you think.

Monday, August 16, 2010

Thank you HP!

A huge thanks to Michael & Arran at HP for arranging a donation of three HP ProCurve Ethernet switches to the Firewall Builder project! Starting in V4.0.1 we had unofficial support for configuring ProCurve Access Control Lists (ACL), this donation will help us to officially support configuration of ACL in the next release of Firewall Builder.

Thanks HP!!

Tuesday, August 10, 2010

V4.1 is released!

We are happy to announce that V4.1 in now released! You can download it from our website here:

V4.1 includes new enhancements and features including:
  • Support for Address Table objects that use the iptables ipset module
  • Integrated SSH tools (plink.exe and pscp.exe) in Windows installer package
  • New toolbar shortcut to view complete generated firewall configuration files in the GUI

Users requested the iptables ipset module support for dynamic environments where existing firewall rules need to be updated with a new object to match (IP address or IP subnet). IP sets provide an efficient way to do this without requiring a reload of your iptables rules.

The integrated SSH tools make it easy for Windows users to utilize the built-in Firewall Builder installer functions. No need to load additional software and update your preferences, everything you need is already there.

Want to know what your configuration will look like? The "inspect" function allows you to preview your configuration files in the Firewall Builder GUI before you deploy them to your firewalls.

Have suggestions for features you would like us to add? Leave us a comment and we'll consider it for future releases.