pyroman

Very fast firewall configuration tool

Pyroman is a firewall tool written in Python for complex networks, but it can of course also handle simple single-host-single-link setups. Interesting features: * Fast, due to use of iptables-restore for mass setting of rules * Rollback to previous firewall configuration on errors * Safety options to prevent mistakes in configuration (success confirmation prompt and/or scripted external verification) * Detailed error reporting * Lots of verification checks done before execution * Powerful yet clean configuration files (in Python and/or XML) * Designed for multiple hosts, firewalls, networks * Consistent firewalls for IPv4 and IPv6 Pyroman is inspired by Shorewall and FireHOL, but tries to improve upon them with respect to performance and ease of configuration. Pyroman currently only configures iptables/netfilter firewalls, it does not include configuration utilities for setting up VPN or traffic shaping.