Setting Up Arno’s Firewall
About Arno’s Firewall
Very secure stateful filtering firewall
Both kernel 2.4 & 2.6 support
It can be used for both single- and multi-homed (e.g. dual-homed) boxes
Masquerading (NAT) and SNAT support
Multiple external (internet) interfaces
Support multiroute masquerading (NAT)
Port forwarding (NAT)
Support MAC address filtering
Support for DSL/ADSL modems
Support for PPPoE, PPPoA and bridging modem setups
Support for static and ISP assigned (DHCP) IPs
Support for (transparent) proxies
Support for DMZs and DMZ-2-LAN forwarding
(Nmap) (stealth) portscan detection
Protection against SYN-flooding (DoS attacks)
Protection against ICMP-flooding (DoS attacks)
Extensive user-definable logging with rate limiting to prevent log flooding
Includes options to optimize your throughput
User definable open ports, closed ports, trusted hosts, blocked hosts etc.
Log & protection options are both highly customizable
Support for custom iptables rules in a separate file
It can be used with the chkconfig runlevel system (e.g. RedHat/Fedora)
Main focus on TCP/UDP/ICMP but additional support for *ALL* IP protocols
It works with Freeswan IPSEC (VPN) & SSH Sentinel (http://www.freeswan.org) (+virtual IPs)
It works with PoPTop PPTP (http://www.poptop.org)
It works with UPnP
DRDOS protection/detection (experimental)
It’s easy to configure
And much more…

















