Mason
0.12.0

Supplier:

William Stearns
Platforms:

Linux, Cisco IOS
Description:

Mason is a tool that helps create a custom Linux packet filtering firewall. One starts up Mason on the machine(s) that need to do packet filtering, then does all the normal things that this neetwork needs to allow or deny. Mason creates ipchains/ipfwadm rules that can be used in a finished firewall. It includes a shell that implements the current firewall in SysV boot scripts used in most Linux distributions.

Mason is not for the user that wants a prebuilt firewall that installs without effort. Mason is perfect for:

  • Someone trying to build a "default deny" firewall.
  • Someone that wants very tight control over exactly which protocols are allowed in/out/through a machine.
  • Someone with a partial firewall that is having trouble with a few tricky protocols.
  • Machines that don't match the design of the prebuilt firewalls.
  • Implementing firewalls on routers and individual workstations or servers - machines that have typically lacked their own individual firewalls in the past.
Features:

  1. Linux ipfwadm and ipchains, Cisco IOS.
  2. Supports IP, TCP, UDP, ICMP, IPIP, GRE protocols.
  3. Automatic generalization of client and server ports and IP addresses.
  4. Supports any network device supported by Linux, including those with dynamic addresses.
  5. Automatic handling of the TOS and ACK flags.
  6. Handles quirks in ssh, nfs/sunrpc/mount, ftp, X, openwindows, vnc, irc, traceroute, masquerading, realaudio, dns, syslog, netbios, ntp, and coda.
  7. Automatically handles the standard protocols such as http, smtp, nntp, pop2/3, imap, https, telnet, etc.
  8. Source code is included, licensed under the GPL.
  9. Easy to use, even for a firewall novice.
Certification:

Price:

Free
URL:

http://www.pobox.com/~wstearns/mason/

 
© Copyright Townsend & Taphouse, 1998-2002. All rights reserved.
Home   Products Section