IPFire

ipfire.org
IPFire Icon

IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Easy to install on a raspberry Pi, since it is lightweight and heavily customizable.

Open Source

IPFire Source Code

Author

ipfire

Description

IPFire 2.x development tree

Homepage

License

Created

15 Jan 13

Last Updated

16 Jan 25

Latest version

v2.29-core190

Primary Language

Perl

Size

95,163 KB

Stars

176

Forks

82

Watchers

176

Language Usage

Language Usage

Star History

Star History

Recent Commits

  • Adolf Belka (13 Jan 25)

    freeradius: Update to version 3.2.6 - Update from version 3.2.5 to 3.2.6 - Update of rootfile - Changelog 3.2.6 Configuration changes * require_message_authenticator=auto and limit_proxy_state=auto are not applied for wildcard clients. This likely will leave your network in an insecure state. Upgrade all clients! Feature improvements * Allow for "auth+acct" dynamic home servers. * Allow for setting "Home-Server-Pool", etc. for proxying accounting packets, just like authentication packets. * Fix spelling in starent SN[1]-Subscriber-Acct-Mode attribute value. Patch from John Thacker. * Update dictionary.iea. Patch from John Thacker. * Add warning for secrets that are too short. * More debugging for SSL ciphers. Patch from Nick Porter. * Update 3GPP dictionary. Patch from Nick Porter. * Fix ZTE dictionary. * Make radsecret more portable and avoid extra dependencies. * Add timestamp for Client-Lost so we don't think it's 1970. Patch from Alexander Clouter. #5353 Bug fixes * Dynamic clients now inherit require_message_authenticator and limit_proxy_state from dynamic client {...} definition. * Fix radsecret build rules to better support parallel builds. * Checkpoint systems should be reconfigured for the BlastRADIUS attack: https://support.checkpoint.com/results/sk/sk182516 The Checkpoint systems drop packets containing Message-Authenticator, which violates the RFCs and is completely ridiculous. * Fix duplicate CoA packet issue. #5397 * Several fixes in the event code * Don't leak memory in rlm_sql_sqlite. #5392 * Don't stop processing RadSec data too early. Signed-off-by: Adolf Belka <[email protected]> Signed-off-by: Michael Tremer <[email protected]>

  • Adolf Belka (16 Jan 25)

    libxxhash: Update to version 0.8.3 and make available to rsync - Update from version 0.8.2 to 0.8.3 - Update of rootfile - Move libxxhash to before rsync in make.sh - Changelog 0.8.3 - fix : variant `XXH3_128bits_withSecretandSeed()` could produce an invalid result in some specific set of conditions, #894 by @hltj - cli : vector extension detected at runtime on x86/x64, enabled by default - cli : new commands `--filelist` and `--files-from`, by @Ian-Clowes - cli : XXH3 64-bits GNU format can now be generated and checked (command `-H3`) - portability: LoongArch SX SIMD extension, by @lrzlin - portability: can build on AIX, suggested by @likema - portability: validated for SPARC cpus Signed-off-by: Adolf Belka <[email protected]> Signed-off-by: Michael Tremer <[email protected]>

  • Adolf Belka (16 Jan 25)

    rsync: Update to version 3.4.1 - Update from version 3.3.0 to 3.4.1 as the previous patch which went from 3.3.0 to 3.4.0 has only been merged into CU190 and not into next where this patch is being done. Not sure if this will cause problems or not. I updated the PAK_VER of rsynce from 19 to 21 so that it went over the PAK_VER of the version merged into CU190. - If how I have done it is not the best or not correct just let me know how I should do it and I will re-do it. - Update of rootfile not required. - Added in enabling xxhash as we have that available in IPFire as another addon. - Ran rsync -V and confirmed that xxhash is now available to rsync. - Changelog 3.4.1 Release 3.4.1 is a fix for regressions introduced in 3.4.0 BUG FIXES: - fixed handling of -H flag with conflict in internal flag values - fixed a user after free in logging of failed rename - fixed build on systems without openat() - removed dependency on alloca() in bundled popt DEVELOPER RELATED: - fix to permissions handling in the developer release script 3.4.0 (This was already in the previous patch that went from 3.3.0 to 3.4.0 Release 3.4.0 is a security release that fixes a number of important vulnerabilities. For more details on the vulnerabilities please see the CERT report https://kb.cert.org/vuls/id/952657 PROTOCOL NUMBER: - The protocol number was changed to 32 to make it easier for administrators to check their servers have been updated SECURITY FIXES: Many thanks to Simon Scannell, Pedro Gallegos, and Jasiel Spelman at Google Cloud Vulnerability Research and Aleksei Gorban (Loqpa) for discovering these vulnerabilities and working with the rsync project to develop and test fixes. - CVE-2024-12084 - Heap Buffer Overflow in Checksum Parsing. - CVE-2024-12085 - Info Leak via uninitialized Stack contents defeats ASLR. - CVE-2024-12086 - Server leaks arbitrary client files. - CVE-2024-12087 - Server can make client write files outside of destination directory using symbolic links. - CVE-2024-12088 - --safe-links Bypass. - CVE-2024-12747 - symlink race condition. BUG FIXES: - Fixed the included popt to avoid a memory error on modern gcc versions. - Fixed an incorrect extern variable's type that caused an ACL issue on macOS. - Fixed IPv6 configure check INTERNAL: - Updated included popt to version 1.19. DEVELOPER RELATED: - Various improvements to the release scripts and git setup. - Improved packaging/var-checker to identify variable type issues. - added FreeBSD and Solaris CI builds Signed-off-by: Adolf Belka <[email protected]> Signed-off-by: Michael Tremer <[email protected]>

  • Arne Fitzenreiter (08 Jan 25)

    Merge remote-tracking branch 'origin/core190'

  • Arne Fitzenreiter (08 Jan 25)

    core191: reship squid and dhcpcd Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (08 Jan 25)

    core191: ship iplockslist/sources and inuitscript/functions Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Adolf Belka (02 Jan 25)

    miniupnpc: revert the addition of this package due to transmission reversion - As transmission has been reverted back to version 4.0.5 then miniupnpc is no longer needed for building or runtime. - This removes the minupnpc lfs and rootfile files. It also removes miniupnpc from the make.sh file. Signed-off-by: Adolf Belka <[email protected]> Signed-off-by: Michael Tremer <[email protected]>

  • Adolf Belka (02 Jan 25)

    transmission: revert version back to 4.0.5 - Revert back from 4.0.6 to 4.0.5 due to a bug in 4.0.6 that has resulted in a variety of torrent mirrors banning transmission-4.0.6 - The update from 4.0.5 to 4.0.6 did not have any security fixes in it so there is no issue in moving backward to 4.0.5 - A fix has been created but it is unclear when (and if) version 4.0.7 will be released. The fix has also been included in version 4.1.0 but this is still in beta development form. - Version 4.0.6 required minupnpc for building and run time. This reversion is also removing miniupnpc in an associated patch in this patch set. - No change required in the rootfile. Signed-off-by: Adolf Belka <[email protected]> Reviewed-by: Michael Tremer <[email protected]> Signed-off-by: Michael Tremer <[email protected]>

  • Arne Fitzenreiter (02 Jan 25)

    elinks: fix new configuration path Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (30 Dec 24)

    mpd: disable https peer/host verification if myMPD is serving playlists mpd cannot load this with enabled verification. Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Peter Müller (27 Dec 24)

    Tor: Update to 0.4.8.13 Full changelog according to https://gitlab.torproject.org/tpo/core/tor/-/blob/tor-0.4.8.13/ChangeLog : Changes in version 0.4.8.13 - 2024-10-24 This is minor release fixing an important client circuit building (Conflux related) bug which lead to performance degradation and extra load on the network. Some minor memory leaks fixes as well as an important minor feature for pluggable transports. We strongly recommend to update as soon as possible for clients in order to neutralize this conflux bug. o Major bugfixes (circuit building): - Conflux circuit building was ignoring the "predicted ports" feature, which aims to make Tor stop building circuits if there have been no user requests lately. This bug led to every idle Tor on the network building and discarding circuits every 30 seconds, which added overall load to the network, used bandwidth and battery from clients that weren't actively using their Tor, and kept sockets open on guards which added connection padding essentially forever. Fixes bug 40981; bugfix on 0.4.8.1-alpha; o Minor feature (bridges, pluggable transport): - Add STATUS TYPE=version handler for Pluggable Transport. This allows us to gather version statistics on Pluggable Transport usage from bridge servers on our metrics portal. Closes ticket 11101. o Minor features (fallbackdir): - Regenerate fallback directories generated on October 24, 2024. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2024/10/24. o Minor bugfixes (memleak, authority): - Fix a small memleak when computing a new consensus. This only affects directory authorities. Fixes bug 40966; bugfix on 0.3.5.1-alpha. o Minor bugfixes (memory): - Fix memory leaks of the CPU worker code during shutdown. Fixes bug 833; bugfix on 0.3.5.1-alpha. Signed-off-by: Peter Müller <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Michael Tremer (30 Dec 24)

    samba: Depend on libtalloc Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (30 Dec 24)

    core191: move existing elinks configuration Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (30 Dec 24)

    elinks: fix config directory the new version has moved the config directioy from ~/.elinks to ~/.config/.elinks Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (30 Dec 24)

    core191: ship ntp ntp is build against OpenSSl and checks if it is linked against the correct version. So ship it to get rid of the ugly message. Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (24 Dec 24)

    Merge remote-tracking branch 'origin/next'

  • Arne Fitzenreiter (24 Dec 24)

    core191: update contributors Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (23 Dec 24)

    core191: ship backup.pl Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Adolf Belka (20 Dec 24)

    backup.pl: Fix Bug13799 - addon restore not working - This fixes the existence check for the addon .ipf file from a check of existence of a directory to a check of existence of a file. Suggested-by: Bernhard Bitsch <[email protected]> Tested-by: Bernhard Bitsch <[email protected]> Fixes: Bug13799 Signed-off-by: Adolf Belka <[email protected]> Reviewed-by: Bernhard Bitsch <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Michael Tremer (21 Dec 24)

    make.sh: Explicitely check the source tarballs The Makefiles do not automatically perform the check that I expected them to perform when running a build. They check if the source tarballs are all present, but they don't check whether they match the checksum. This is only being done when "./make.sh downloadsrc" is being run. In case of the automated builds, we explicitely run "./make.sh downloadsrc", so I don't think that this might have introduced any malicious source into the published builds. Reported-by: Stephen Cuka <[email protected]> Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Adolf Belka (20 Dec 24)

    libyajl: Removal of addon as no longer required by libvirt - libyajl is no longer being used by libvirt. libvirt now uses json-c which is a core package in IPFire. libyajl was stopped being used as it had not been updated and is considered effectively dead upstream. - lfs, rootfile and libyajl entry in make.sh removed. Signed-off-by: Adolf Belka <[email protected]> Reviewed-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Adolf Belka (20 Dec 24)

    libvirt: Update to version 10.10.0 - Update from version 10.7.0 to 10.10.0 - Update of rootfile - version 10.7.0 had a change in it which meant that the script friendly output of ``virsh list --uuid`` was replaced. This change was reverted in version 10.8.0 - In version 10.8.0 libyajl was replaced by json-c for JSON parsing and formatting. Therefore this patch set also removes libyajl from IPFire as it is no longer required. - Changelog 10.10.0 New features * qemu: add multi boot device support on s390x For classical mainframe guests (i.e. LPAR or z/VM installations), you always have to explicitly specify the disk where you want to boot from (or "IPL" from, in s390x-speak -- IPL means "Initial Program Load"). In the past QEMU only used the first device in the boot order to IPL from. With the new multi boot device support on s390x that is available with QEMU version 9.2 and newer, this limitation is lifted. If the IPL fails for the first device with the lowest boot index, the device with the second lowest boot index will be tried and so on until IPL is successful or there are no remaining boot devices to try. Limitation: The s390x BIOS will try to IPL up to 8 total devices, any number of which may be disks or network devices. * qemu: Add support for versioned CPU models Updates to QEMU CPU models with -vN suffix can now be used in libvirt just like any other CPU model. * qemu: Support for the 'data-file' QCOW2 image feature The QEMU hypervisor driver now supports QCOW2 images with 'data-file' feature present (both when probing form the image itself and when specified explicitly via ``<dataStore>`` element). This can be useful when it's required to keep data "raw" on disk, but the use case requires features of the QCOW2 format such as incremental backups. * swtpm: Add support for profiles Upcoming swtpm release will have TPM profile support that allows to restrict a TPM's provided set of crypto algorithms and commands. Users can now select profile by using ``<profile/>`` in their TPM XML definition. Improvements * qemu: Support UEFI NVRAM images on block storage Libvirt now allows users to use block storage as backend for UEFI NVRAM images and allows them to be in format different than the template. When qcow2 is used as the format, the images are now also auto-populated from the template. * qemu: Automatically add IOMMU when needed When domain of 'qemu' or 'kvm' type has more than 255 vCPUs IOMMU with EIM mode is required. Starting with this release libvirt automatically adds one (or turns on the EIM mode if there's IOMMU without it). * ch: allow hostdevs in domain definition The Cloud Hypervisor driver (ch) now supports ``<hostdev/>``-s. * ch: Enable callbacks for ch domain events The Cloud Hypervisor driver (ch) now supports emitting events on domain define, undefine, start, boot, stop and destroy. Bug fixes * qemu: Fix reversion and inactive deletion of internal snapshots with UEFI NVRAM. In `v10.9.0 (2024-11-01)`_ creation of internal snapshots of VMs with UEFI firmware was allowed, but certain operations such as reversion or inactive deletion didn't work properly as they didn't consider the NVRAM qcow2 file. * virnetdevopenvswitch: Warn on unsupported QoS settings For OpenVSwitch vNICs libivrt does not set QoS directly using 'tc' but offloads setting to OVS. But OVS is not as feature full as libvirt in this regard and setting different 'peak' than 'average' results in vNIC always sticking with 'peak'. Produce a warning if that's the case. 10.9.0 New features * qemu: zero block detection for non-shared-storage migration Users can now request that all-zero blocks are not transferred when migrating non-shared disk data without actually enabling zero detection on the disk itself. This allows sparsifying images during migration where the source has no access to the allocation state of blocks at the cost of CPU overhead. This feature is available via the ``--migrate-disks-detect-zeroes`` option for ``virsh migrate`` or ``VIR_MIGRATE_PARAM_MIGRATE_DISKS_DETECT_ZEROES`` migration parameter. See the documentation for caveats. Improvements * qemu: internal snapshot improvements The qemu internal snapshot handling code was updated to use modern commands which avoid the problems the old ones had, preventing use of internal snapshots on VMs with UEFI NVRAM. Internal snapshots of VMs using UEFI are now possible provided that the NVRAM is in ``qcow2`` format. The new code also allows better control when deleting snapshots. To prevent possible regressions no strict checking is done, but in case inconsistent state is encountered a log message is added:: warning : qemuSnapshotActiveInternalDeleteGetDevices:3841 : inconsistent internal snapshot state (deletion): VM='snap' snapshot='1727959843' missing='vda ' unexpected='' extra='' Users are encouraged to report any occurence of the above message along with steps they took to the upstream tracker. * qemu: improve documentation of image format settings The documentation of the various ``*_image_format`` settings in ``qemu.conf`` imply they can only be used to control compression of the image. The documentation has been improved to clarify the settings describe the representation of guest memory blocks on disk, which includes compression among other possible layouts. * Report CPU model blockers in domain capabilities When a CPU model is reported as usable='no' an additional ``<blockers model='...'>`` element is added for that CPU model listing features required by the CPU model, but not supported on the host. 10.8.0 Improvements * network: make networks with ``<forward mode='open'/>`` more useful It is now permissable to have a ``<forward mode='open'>`` network that has no IP address assigned to the host's port of the bridge. This is the only way to create a libvirt network where guests are unreachable from the host (and vice versa) and also 0 firewall rules are added on the host. It is now also possible for a ``<forward mode='open'/>`` network to use the ``zone`` attribute of ``<bridge>`` to set the firewalld zone of the bridge interface (normally it would not be set, as is done with other forward modes). * storage: Lessen dependancy on the ``showmount`` program Libvirt now automatically detects presence of ``showmount`` during runtime as we do with other helper programs and also the ``daemon-driver-storage-core`` RPM package now doesn't strongly depend on it if the users wish for a more minimal deployment. * Switch from YAJL to json-c for JSON parsing and formatting The parser and formatter in the libvirt library, as well as the parsers in the nss plugin were rewritten to use json-c instead of YAJL, which is effectively dead upstream. * Relax restrictions for memorytune settings It should now be possible to use resctrl on AMD CPUs as well as Intel CPUs when the resctrl filesystem is mounted with ``mba_MBps`` option. Bug fixes * virsh: Fix script-friedly output of ``virsh list --uuid`` The script-friendly output of just 1 UUID per line was mistakenly replaced by the full human-targetted table view full of redundant information and very hard to parse. Users who wish to see the UUIDs in the tabular output need to use ``virsh list --table --uuid`` as old behaviour was reverted. Note that this also broke the ``libvirt-guests`` script. The bug was introduced in `v10.7.0 (2024-09-02)`_. * network/qemu: fix some cases where ``device-update`` of a network interface was failing: * If the interface was connected to a libvirt network that was providing a pool of VFs to be used with macvtap passthrough mode, then *any* update to the interface would fail, even changing the link state. Updating (the updateable parts of) a macvtap passthrough interface will now succeed. * It previously was not possible to move an interface from a Linux host bridge to an OVS bridge. This (and the opposite direction) now works. * qemu: backup: Fix possible crashes when running monitoring commands during backup job The qemu monitor code was fixed to not crash in specific cases when monitoing APIs are called during a backup job. * Fix various memleaks and overflows Multiple memory leaks and overflows in corner cases were fixed based on upstream issues reported. * network: Better cleanup after disappeared networks If a network disappeared while virtnetworkd was not running not all clean up was done properly once the daemon was started, especially when only the network interface disappeared. This could have in some cases resulted in the network being shown as inactive, but not being able to start. * qemu: Remember memory backing directory for domains If ``memory_backing_dir`` is changed during the lifetime of a domain with file backed memory, files in the old directory would not be cleaned up once the domain is shut down. Now the directory that was used during startup is remembered for each running domain. Signed-off-by: Adolf Belka <[email protected]> Reviewed-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (22 Dec 24)

    tftpd: leave /var/tftpboot at update or uninstall Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (20 Dec 24)

    mympd: update to 19.0.1 Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Arne Fitzenreiter (20 Dec 24)

    Revert "en.pl: Update the wording for the check on the CA Name for upload" This reverts commit f32ca6cd79124c4fcfc722a2238c1accbfb1a9ff.

  • Arne Fitzenreiter (20 Dec 24)

    Revert "vpnmain.cgi: Fix for 2nd part of bug10595" This reverts commit 7b29acfbb597b89837dcbe1b91ef6ef4352f28a6.

  • Arne Fitzenreiter (18 Dec 24)

    zabbix-agentd: Update to 6.0.37 (LTS) Full changelog since 6.0.33: - https://www.zabbix.com/rn/rn6.0.34 - https://www.zabbix.com/rn/rn6.0.35 - https://www.zabbix.com/rn/rn6.0.36 - https://www.zabbix.com/rn/rn6.0.37 Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Michael Tremer (18 Dec 24)

    core190: Remove a control character in update script Signed-off-by: Michael Tremer <[email protected]>

  • Robin Roevens (05 Nov 24)

    zabbix_agentd: Add IPS throughput and guardian blocked IP count items - Adds Zabbix Agent userparameter `ipfire.ips.throughput.get` for the agent to get details about IPS throughput bypassed/scanned/whitelisted in bytes (JSON) - Adds Zabbix Agent userparameter `ipfire.guardian.blocked.count` for the agent to get the number of currently blocked IP's by Addon: Guardian. Signed-off-by: Robin Roevens <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

  • Adolf Belka (14 Dec 24)

    fr.pl: Update to French translations for the optionsfw.cgi page Reported-by: Phil SCAR <[email protected]> Fixes: Bug13800 Signed-off-by: Adolf Belka <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>

IPFire Website

Website

www.ipfire.org - Welcome to IPFire

IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux.

Redirects

Does not redirect

Security Checks

All 66 security checks passed

Server Details

  • IP Address 81.3.27.38
  • Hostname fw01.ipfire.org
  • Location Datteln, Nordrhein-Westfalen, Germany, EU
  • ISP Visit www.ipfire.org
  • ASN AS24679

Associated Countries

  • US
  • GB
  • DE

Saftey Score

Website marked as safe

100%

Blacklist Check

www.ipfire.org was found on 0 blacklists

  • ThreatLog
  • OpenPhish
  • PhishTank
  • Phishing.Database
  • PhishStats
  • URLhaus
  • RPiList Not Serious
  • AntiSocial Blacklist
  • PhishFeed
  • NABP Not Recommended Sites
  • Spam404
  • CRDF
  • Artists Against 419
  • CERT Polska
  • PetScams
  • Suspicious Hosting IP
  • Phishunt
  • CoinBlockerLists
  • MetaMask EthPhishing
  • EtherScamDB
  • EtherAddressLookup
  • ViriBack C2 Tracker
  • Bambenek Consulting
  • Badbitcoin
  • SecureReload Phishing List
  • Fake Website Buster
  • TweetFeed
  • CryptoScamDB
  • StopGunScams
  • ThreatFox
  • PhishFort

Website Preview

IPFire Reviews

More Firewalls

About the Data: IPFire

API

You can access IPFire's data programmatically via our API. Simply make a GET request to:

https://api.awesome-privacy.xyz/networking/firewalls/ipfire

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share IPFire

Help your friends compare Firewalls, and pick privacy-respecting software and services.
Share IPFire and Awesome Privacy with your network!

View Firewalls (14)