EtherDam is a firewall configuration engine that relies on iptables. It presents firewall configuration as a somewhat simpler scripting language that's still flexible enough for most purposes.
So why not just use iptables?
Well, let's just face one thing: iptables is a pain to manage. By 'pain,' I mean a heavy dull throb that seems ready to make your head explode. It's nice to finally have a stateful firewalling facility for Linux, but you have to remember fifteen or so different arrangements of the iptables options just to make a simple bare-metal NAT box. It's enough to send you running back to OpenBSD.
One day, I got tired of that. So I came up with EtherDam.
My goal with EtherDam was to create a simplified firewall configuration language rather than remember or look up several complex incantations of the iptables command. EtherDam is a wrapper; it still uses iptables as a back-end.
The language itself is fairly complete--complete enough for a decent firewall--though it's not properly documented yet. The processing engine is also up to speed, though it's not extremely well tested.
|[Sep 29 2005]||EtherDam v0.4 is released. Along with some small bugfixes, it now supports a new MSS command. PPPoE users should find this particularly useful. Get the new version from the download page.|
|[May 8 2004]||EtherDam v0.3 is released. This has a few significant bugfixes, plus support for a new ROUTE command. Get it on the download page.|
|[Apr 28 2004]||EtherDam v0.2 is released. This is a big improvement over 0.1, with many bugfixes and documentation. Get it on the download page.|
|[Apr 27 2004]||EtherDam v0.1 is released. This is a beta release, and it's a bit glitchy (yes, I discovered this only after I released it). I'd really recommend you use CVS for now, but...hey, do what you want. *shrug*|
If you have a bug report, or if you want to become part of the project, then e-mail me (kelledin at spam-free-internet dot users dot sf dot net) or post a message on the project forums. Note the slight alteration in the e-mail address.