IPFire
ipfire.org Hardware![IPFire Icon](https://www.ipfire.org/static/img/apple-touch-icon-192x192-precomposed.png)
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Easy to install on a raspberry Pi, since it is lightweight and heavily customizable.
- Homepage: ipfire.org
- GitHub: github.com/ipfire/ipfire-2.x
- Web info: web-check.xyz/results/ipfire.org
IPFire Source Code
Author
Description
IPFire 2.x development tree
Homepage
License
Created
15 Jan 13
Last Updated
27 Nov 24
Latest version
Primary Language
Perl
Size
94,313 KB
Stars
172
Forks
80
Watchers
172
Language Usage
Star History
Top Contributors
-
@mtremer (7156)
-
@pmu-ipf (1598)
-
@DaStevee (1334)
-
@jonaschl (198)
-
@jtuecking (172)
-
@Leyvur (69)
-
@ummeegge (67)
-
@alfh (58)
-
@RobinR1 (45)
-
@teissler (25)
-
@realglotzi (23)
-
@Arne-F (21)
-
@Starkstromkonsument (16)
-
@jiweigert (14)
-
@larsen0815 (12)
-
@SaschaKilian1983 (7)
-
@sonic42 (6)
-
@fischerm42 (6)
-
@mcbridematt (5)
-
@MEitelwein (5)
-
@steph78630 (5)
-
@ramaxlo (4)
-
@hadfl (4)
-
@Smookydope (4)
-
@wapolinar (3)
-
@dutchtux (3)
-
@ric211 (3)
-
@rollopack (3)
-
@lentferj (2)
-
@JonMurphy (2)
Recent Commits
-
Arne Fitzenreiter (26 Nov 24)
linux-firmware: ship needed config txt files. these files are parsed by the kernel at firmware load and are needed! don't remove it again. Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (25 Nov 24)
kernel: update to 6.6.63 Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (20 Nov 24)
kernel: rootfile update aarch64 Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (20 Nov 24)
kernel: rebase aarch64 patchset and add nanopi r2s plus oc devicetree Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (19 Nov 24)
transmission: add minipnpc as dependency Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (19 Nov 24)
miniupnpc: change to addon pak transmission need the lib at runtime. Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (19 Nov 24)
kernel: update to 6.6.62 Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (09 Nov 24)
collectd: fix errormessage on fresh installations the /etc/collectd.d/ folder must have at least one file in it so this add an file with a comment that custom configs should placed there. Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (09 Nov 24)
kernel: update to 6.6.60 Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (08 Nov 24)
networking/red: remove leftover debugging messages. Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (06 Nov 24)
hostapd: fix start/stop buttons Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (05 Nov 24)
network-functions: fix add newline in $wireless_status with the other syntax perl suggest this change. Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (05 Nov 24)
core190: ship intel-microcode Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Adolf Belka (30 Oct 24)
intel-microcode: Update to version 20241029 - Update from version 20240910 to 20241029 - Update of rootfile not required - Changelog 20241029 Update for functional issues. Refer to 14th/13th Generation Intel® Core™ Processor Specification Update for details at https://cdrdv2.intel.com/v1/dl/getContent/740518 Updated Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products RPL-E/HX/S B0 06-b7-01/32 00000129 0000012b Core Gen13/Gen14 Signed-off-by: Adolf Belka <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (21 Oct 24)
suricata: Explicitly ignore IPsec traffic unless enabled Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (05 Nov 24)
core190: ship bind Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Matthias Fischer (18 Oct 24)
bind: Update to 9.20.3 For details see: https://downloads.isc.org/isc/bind9/9.20.3/doc/arm/html/notes.html#notes-for-bind-9-20-3 Signed-off-by: Matthias Fischer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Matthias Fischer (18 Oct 24)
unbound: Update to 1.22.0 For details see: https://nlnetlabs.nl/projects/unbound/download/#unbound-1-22-0 Signed-off-by: Matthias Fischer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (05 Nov 24)
core190: ship unbound-dhcp-leases-bridge Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Fix expiry check on leases Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Don't overwrite static leases When we import all static leases, their remark will be used as hostname (because WTF?) and might be overwritten if the device is not sending any or even the same hostname. This patch avoids that static leases will be modified. Signed-off-by: Michael Tremer <[email protected]> Reviewed-by: Bernhard Bitsch <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Fix typo Signed-off-by: Michael Tremer <[email protected]> Reviewed-by: Bernhard Bitsch <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Don't export expired leases to Unbound Signed-off-by: Michael Tremer <[email protected]> Reviewed-by: Bernhard Bitsch <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (05 Nov 24)
core190: ship dhcp client changes Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (16 Oct 24)
networking: Allow changing DHCP Option Rapid Commit This option needs to be configurable since some (braindead) ISPs have started running broken DHCP servers to be bug-compatible with cheap broken plastic routers. By default we keep this option enabled, but it can now be turned off whenever needed. Suggested-by: Adolf Belka <[email protected]> Signed-off-by: Michael Tremer <[email protected]> Tested-by: Adolf Belka <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (05 Nov 24)
core190: ship files with fixed chown syntax Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (17 Oct 24)
chown: Replace . with : on all shipped scripts I don't like this messy bootup screen that we have with all sorts of warnings that actually don't cause any problems, but make the boot messy and send the wrong message to users. Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Arne Fitzenreiter (05 Nov 24)
core190: ship network-hotplug-bridges Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (17 Oct 24)
udev: network-hotplug-bridges: Silence a warning when interfaces have gone away It can happen that udev has an event for an interface in the queue that has already gone away - or even just being renamed. Then reading the MAC address fails. Because the shell expands the "$(<...)" statement before running the whole line, the read check is useless. Because the code would get too complicated otherwise, I decided to use cat. Not cool, but this does the job. Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
-
Michael Tremer (17 Oct 24)
wlanap.cgi: Use the correct array to fetch the current interface Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
IPFire Website
Website
www.ipfire.org - Welcome to IPFire
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux.
Redirects
Does not redirect
Security Checks
All 66 security checks passed
Server Details
- IP Address 81.3.27.38
- Hostname fw01.ipfire.org
- Location Datteln, Nordrhein-Westfalen, Germany, EU
- ISP Visit www.ipfire.org
- ASN AS24679
Associated Countries
-
US
-
GB
-
DE
Saftey Score
Website marked as safe
100%
Blacklist Check
www.ipfire.org was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
IPFire Reviews
More Firewalls
-
Provides simple and advanced ways to block access to the internet. Applications and addresses can individually be allowed or denied access to Wi-Fi and/or mobile connection.
-
Notifies you when an app is trying to access the Internet, so all you need to do is just Allow or Deny. Allows you to create filter rules based on IP address, host name or domain name, and you can allow or deny only specific connections of an app.
Not Open Source -
AFWall+
(Android - Rooted)
xdaforums.com/t/5-0-root-3-6-0-afwall-iptables-firewall-28-aug-2023.1957231Android Firewall+ (AFWall+) is an advanced iptables editor (GUI) for rooted Android devices, which provides very fine-grained control over which Android apps are allowed to access the network.
-
An open-source ad-blocker and firewall app for Android 6+ (does not require root).
-
Firewall app for iPhone, allowing you to block any connection to any domain.
Not Open Source -
Tool to control Windows Filtering Platform (WFP), in order to configure detailed network activity on your PC. (Windows)
-
Free, open source macOS firewall. It aims to block unknown outgoing connections, unless explicitly approved by the user.
-
A very polished application firewall, allowing you to easily manage internet connections on a per-app basis. (Mac OS)
Not Open Source -
Makes internet connections from all apps visible, allowing you to block or manage traffic on a per-app basis. GNU/Linux port of the Little Snitch application firewall.
-
Open source GUI firewall for Linux, allowing you to block internet access for certain applications. Supports both simple and advanced mode, GUI and CLI options, very easy to use, lightweight/ low-overhead, under active maintenance and backed by a strong community.
-
The ufw (Uncomplicated Firewall) is a GUI application and CLI, that allows you to configure a firewall using
iptables
much more easily. -
An open source firewall tool for Linux that builds upon the Netfilter system built into the Linux kernel, making it easier to manage more complex configuration schemes with iptables.
-
Enterprise firewall and router for protecting networks, built on the FreeBSD system.
About the Data: IPFire
API
You can access IPFire's data programmatically via our API.
Simply make a GET
request to:
https://api.awesome-privacy.xyz/networking/firewalls/ipfire
The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share IPFire
Help your friends compare Firewalls, and pick privacy-respecting software and services.
Share IPFire and Awesome Privacy with your network!