IPFire
ipfire.orgA hardened, versatile, state-of-the-art open source firewall based on Linux. Its ease of use, high performance and extensibility make it usable for everyone.
- Homepage: ipfire.org
- GitHub: github.com/ipfire/ipfire-2.x
- Web info: web-check.xyz/results/ipfire.org
IPFire Source Code
Author
Description
IPFire 2.x development tree
Homepage
License
Created
15 Jan 13
Last Updated
27 Nov 24
Latest version
Primary Language
Perl
Size
94,313 KB
Stars
172
Forks
80
Watchers
172
Language Usage
Star History
Top Contributors
- @mtremer (7156)
- @pmu-ipf (1598)
- @DaStevee (1334)
- @jonaschl (198)
- @jtuecking (172)
- @Leyvur (69)
- @ummeegge (67)
- @alfh (58)
- @RobinR1 (45)
- @teissler (25)
- @realglotzi (23)
- @Arne-F (21)
- @Starkstromkonsument (16)
- @jiweigert (14)
- @larsen0815 (12)
- @SaschaKilian1983 (7)
- @sonic42 (6)
- @fischerm42 (6)
- @mcbridematt (5)
- @MEitelwein (5)
- @steph78630 (5)
- @ramaxlo (4)
- @hadfl (4)
- @Smookydope (4)
- @wapolinar (3)
- @dutchtux (3)
- @ric211 (3)
- @rollopack (3)
- @lentferj (2)
- @JonMurphy (2)
Recent Commits
- Arne Fitzenreiter (26 Nov 24)
linux-firmware: ship needed config txt files. these files are parsed by the kernel at firmware load and are needed! don't remove it again. Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (25 Nov 24)
kernel: update to 6.6.63 Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (20 Nov 24)
kernel: rootfile update aarch64 Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (20 Nov 24)
kernel: rebase aarch64 patchset and add nanopi r2s plus oc devicetree Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (19 Nov 24)
transmission: add minipnpc as dependency Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (19 Nov 24)
miniupnpc: change to addon pak transmission need the lib at runtime. Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (19 Nov 24)
kernel: update to 6.6.62 Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (09 Nov 24)
collectd: fix errormessage on fresh installations the /etc/collectd.d/ folder must have at least one file in it so this add an file with a comment that custom configs should placed there. Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (09 Nov 24)
kernel: update to 6.6.60 Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (08 Nov 24)
networking/red: remove leftover debugging messages. Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (06 Nov 24)
hostapd: fix start/stop buttons Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (05 Nov 24)
network-functions: fix add newline in $wireless_status with the other syntax perl suggest this change. Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (05 Nov 24)
core190: ship intel-microcode Signed-off-by: Arne Fitzenreiter <[email protected]>
- Adolf Belka (30 Oct 24)
intel-microcode: Update to version 20241029 - Update from version 20240910 to 20241029 - Update of rootfile not required - Changelog 20241029 Update for functional issues. Refer to 14th/13th Generation Intel® Core™ Processor Specification Update for details at https://cdrdv2.intel.com/v1/dl/getContent/740518 Updated Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products RPL-E/HX/S B0 06-b7-01/32 00000129 0000012b Core Gen13/Gen14 Signed-off-by: Adolf Belka <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (21 Oct 24)
suricata: Explicitly ignore IPsec traffic unless enabled Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (05 Nov 24)
core190: ship bind Signed-off-by: Arne Fitzenreiter <[email protected]>
- Matthias Fischer (18 Oct 24)
bind: Update to 9.20.3 For details see: https://downloads.isc.org/isc/bind9/9.20.3/doc/arm/html/notes.html#notes-for-bind-9-20-3 Signed-off-by: Matthias Fischer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Matthias Fischer (18 Oct 24)
unbound: Update to 1.22.0 For details see: https://nlnetlabs.nl/projects/unbound/download/#unbound-1-22-0 Signed-off-by: Matthias Fischer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (05 Nov 24)
core190: ship unbound-dhcp-leases-bridge Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Fix expiry check on leases Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Don't overwrite static leases When we import all static leases, their remark will be used as hostname (because WTF?) and might be overwritten if the device is not sending any or even the same hostname. This patch avoids that static leases will be modified. Signed-off-by: Michael Tremer <[email protected]> Reviewed-by: Bernhard Bitsch <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Fix typo Signed-off-by: Michael Tremer <[email protected]> Reviewed-by: Bernhard Bitsch <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (21 Oct 24)
unbound-dhcp-leases-bridge: Don't export expired leases to Unbound Signed-off-by: Michael Tremer <[email protected]> Reviewed-by: Bernhard Bitsch <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (05 Nov 24)
core190: ship dhcp client changes Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (16 Oct 24)
networking: Allow changing DHCP Option Rapid Commit This option needs to be configurable since some (braindead) ISPs have started running broken DHCP servers to be bug-compatible with cheap broken plastic routers. By default we keep this option enabled, but it can now be turned off whenever needed. Suggested-by: Adolf Belka <[email protected]> Signed-off-by: Michael Tremer <[email protected]> Tested-by: Adolf Belka <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (05 Nov 24)
core190: ship files with fixed chown syntax Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (17 Oct 24)
chown: Replace . with : on all shipped scripts I don't like this messy bootup screen that we have with all sorts of warnings that actually don't cause any problems, but make the boot messy and send the wrong message to users. Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Arne Fitzenreiter (05 Nov 24)
core190: ship network-hotplug-bridges Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (17 Oct 24)
udev: network-hotplug-bridges: Silence a warning when interfaces have gone away It can happen that udev has an event for an interface in the queue that has already gone away - or even just being renamed. Then reading the MAC address fails. Because the shell expands the "$(<...)" statement before running the whole line, the read check is useless. Because the code would get too complicated otherwise, I decided to use cat. Not cool, but this does the job. Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
- Michael Tremer (17 Oct 24)
wlanap.cgi: Use the correct array to fetch the current interface Signed-off-by: Michael Tremer <[email protected]> Signed-off-by: Arne Fitzenreiter <[email protected]>
IPFire Website
Website
www.ipfire.org - Welcome to IPFire
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux.
Redirects
Does not redirect
Security Checks
All 66 security checks passed
Server Details
- IP Address 81.3.27.38
- Hostname fw01.ipfire.org
- Location Datteln, Nordrhein-Westfalen, Germany, EU
- ISP Visit www.ipfire.org
- ASN AS24679
Associated Countries
- US
- GB
- DE
Saftey Score
Website marked as safe
100%
Blacklist Check
www.ipfire.org was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
IPFire Reviews
More Self-Hosted Network Security
-
Network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole. Pi-Hole can significantly speed up your internet, remove ads and block malware. It comes with a nice web interface and a mobile app with monitoring features, it's open source, easy to install and very widely used.
-
Another DNS server for blocking privacy-invasive content at its source. Technitium doesn't require much of a setup, and basically works straight out of the box, it supports a wide range of systems (and can even run as a portable app on Windows). It allows you to do some additional tasks, such as add local DNS addresses and zones with specific DNS records. Compared to Pi-Hole, Technitium is very lightweight, but lacks the deep insights that Pi-Hole provides, and has a significantly smaller community behind it.
-
A simple way to set up a home VPN on any Debian server. Supports OpenVPN and WireGuard with elliptic curve encryption keys up to 512 bit. Supports multiple DNS providers and custom DNS providers - works nicely along-side PiHole.
-
Powerful open source web content filter.
-
Widely used, open source firewall/router.
-
Detect if you have a malware-infected computer on your network, and powerful network analysis framework and monitor.
-
Open-source self-hosted VPN and firewall built on WireGuard®.
About the Data: IPFire
API
You can access IPFire's data programmatically via our API.
Simply make a GET
request to:
https://api.awesome-privacy.xyz/networking/self-hosted-network-security/ipfire
The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share IPFire
Help your friends compare Self-Hosted Network Security, and pick privacy-respecting software and services.
Share IPFire and Awesome Privacy with your network!