Projects / Firewall Builder

Firewall Builder

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Operating Systems

Recent releases

  •  28 Mar 2012 20:45

    Release Notes: Packages for Windows and Mac OS X are now distributed under the GPL, and the source code includes all files necessary to build on Linux, *BSD, Windows, and Mac OS X. This release also includes a few bugfixes in the policy compiler for iptables and for the build problem on Gentoo.

    •  23 Dec 2011 21:23

      Release Notes: This release includes improvements in the design of the installer dialog to let users start in non-batch install mode but continue in batch install mode later; improvements in support for iptables configurations for bridging Linux firewalls; fixes for several GUI crashes; policy compilers now correctly handle /31 subnets.

      •  28 Jul 2011 05:02

        Release Notes: This release includes multiple GUI enhancements and improved support for large configurations with new features like user defined subfolders, keywords for tagging objects, dynamic groups with smart filters, and more. Other new features include support for importing PF configuration files and a new object type called Attached Networks, which represents the list of networks connected to a network interface.

        •  10 May 2011 17:50

          Release Notes: This version fixes bugs in the built-installer batch install mode, SNMP network discovery wizard, and few minor bugs in the GUI.

          •  21 Apr 2011 03:17

            Release Notes: This version significantly improves importation of existing firewall configurations and introduces support for importing Cisco ASA/PIX/FWSM configuration and de-duplication of imported objects. Support for the configuration of bridge and VLAN interfaces and static routes on FreeBSD was added, and it is now possible to generate configuration in the format of rc.conf files. The latest versions of Cisco ASA software are now supported, including the new command syntax for NAT commands in ASA 8.3. The speed of rule compilation has been improved, and is especially noticeable on very large data files.

            Recent comments

            25 Aug 2010 06:16 vkurland

            We have created an online User Survey so you can tell us how we
            are doing and help us prioritize the features we are working
            on.  Our goal is to provide the best multi-vendor firewall
            configuration solution available.  Your input is very valuable to
            us, so we would appreciate your taking a few moments to complete
            this survey (link below). The survey is anonymous and should take
            less than 10 minutes to complete.


            Thanks for helping us continue to improve Firewall Builder!

            23 Jul 2009 04:27 sharif_aly

            Its cost 79$ for windows and current download is 30 day limited time.

            16 Apr 2002 11:35 vkurland

            Re: Distributed firewalls

            you can intall and activate firewall policy if you use one of the install scripts available in the Contrib area on our sourceforge page. See FAQ 4.1

            16 Apr 2002 10:07 blockall

            Distributed firewalls
            Any chance you would implement the possibility to push one ruleset to a firewall module (maybe via ssh?) and restart the module and check status?
            It would really give a kick to the application (which I really enjoy). And maybe support clustered firewalls?

            10 Apr 2002 14:31 vkurland

            Re: On FreeBSD

            > Installation on a FreeBSD however
            > requires some insight. Add some FAQs
            > around this subject and fwbuilder would
            > definitily get more focus on the FreeBSD
            > platform.

            we are working out last portability issues in the API library and the GUI. A section about building on FreeBSD will be added to the Requirements document at the time of the next release (1.0.2)


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.