Firelet is a centralized firewall management tool for small and medium scale environments.
It supports Linux-based firewall nodes.
Based on a set of rules, Firelet builds and deploys Iptables/Netfilter configurations on the firewalls on a per-need basis.
Firelet is currently under development. Please subscribe to the mailing list for updates.
Firelet deploys on each firewall only the required rules based on the directly contiguous network.
Example: A set of hosts are running in two different networks: left and right side.
The networks are routed by two firewall nodes.
Also, the Server host is running a local firewall.
The Client host is not running a firewall.
A rule is configured to allow Client to connect to Server. Based on the network interfaces connected to each host, only three nodes need to be updated. A new rule is deployed to the two central firewalls and the Server host (orange arrows).
Any other firewall-enabled host in the network will not receive a copy of the new rule as long as it is not on the traffic path.
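The selection described in the example above, as an added Python sketch (not Firelet's own code). It assumes a simplified model in which a firewall-enabled node receives the rule when it is an endpoint of the flow or routes between the source and destination networks; the node names, addresses and the `locate` and `deployment_targets` helpers are constructed for illustration.

```python
from ipaddress import ip_address, ip_interface

# Constructed topology mirroring the example: left = 10.0.1.0/24, right = 10.0.2.0/24.
# "Backup" stands for any other firewall-enabled host that is not on the traffic path.
NODES = {
    "Client": {"firewall": False, "routes": False, "ifaces": ["10.0.1.10/24"]},
    "Server": {"firewall": True,  "routes": False, "ifaces": ["10.0.2.10/24"]},
    "FW-A":   {"firewall": True,  "routes": True,  "ifaces": ["10.0.1.1/24", "10.0.2.1/24"]},
    "FW-B":   {"firewall": True,  "routes": True,  "ifaces": ["10.0.1.2/24", "10.0.2.2/24"]},
    "Backup": {"firewall": True,  "routes": False, "ifaces": ["10.0.2.20/24"]},
}

def locate(addr):
    """Return (node name, attached network) for the interface that owns addr."""
    addr = ip_address(addr)
    for name, node in NODES.items():
        for iface in map(ip_interface, node["ifaces"]):
            if iface.ip == addr:
                return name, iface.network
    raise LookupError(f"no node owns {addr}")

def deployment_targets(src_addr, dst_addr):
    """List the firewall-enabled nodes that need the rule for src -> dst."""
    src, src_net = locate(src_addr)
    dst, dst_net = locate(dst_addr)
    targets = []
    for name, node in NODES.items():
        if not node["firewall"]:
            continue  # no local firewall, nothing to deploy
        nets = {ip_interface(i).network for i in node["ifaces"]}
        is_endpoint = name in (src, dst)
        # Assumption: a router is on the path only if it is directly
        # attached to both the source and the destination network.
        on_path = (node["routes"] and src_net != dst_net
                   and {src_net, dst_net} <= nets)
        if is_endpoint or on_path:
            targets.append(name)
    return sorted(targets)

if __name__ == "__main__":
    # Client -> Server crosses both central firewalls and ends at Server.
    print(deployment_targets("10.0.1.10", "10.0.2.10"))
```
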
Firelet provides only Netfilter-based traffic filtering. Firelet does not provide:
However, Firelet can manage rulesets on firewalls in HA or load-balancing setups,
running masquerading, and Linux-based VPN endpoints.
Firelet is not released yet.
You can download the current development version using Git from:
Git read-only repository
or Git-over-https read-only repository
Bugs and feature requests are hosted on GitHub