It's 2019.

Fixed a typo with the INPUT chain and ICMP.

Okay, looks like an official release.

• Updated version stamps.
• Updated copyright dates.

Installation fixes.

The installation part of the makefile now works....

Major usability fixes!

ChangeLog

• Better script generation. Status messages are now comments.
• Doesn't require root permissions to generate script anymore.

Manpages and more!

ChangeLog

• Instead of giving a "You must run this as root." message and nothing else, you'll get that message and the version/help information.
• The filename was changed from 'hostfw.sh' to simply 'firewall'.
• There is a makefile to generate a new version of the manpage (requires pandoc).
• The makefile also installs (edit PREFIX and MANPREFIX to change destinations). Defaults to /sbin and /usr/share/man.

After some feedback...

Changes

• Can optionally allow all ICMP types, not just ping and traceroute. If you had the firewall running while scanning with nmap (for some reason), errors would sometimes be thrown because the firewall restricts some lesser used types used when nmap is scanning.
• Can now restrict contact to or from certain hosts. Even if you have them in the target/outbound or trusted/inbound lists, the they will be flat out blocked if they're in the exclude list.

Minor release.

CHANGELOG

• Now allows localhost traffic even when denying all.

TODO

Things for v0.5.0:

• Update generated rules to support IPV6.
• Update options to apply to either IPV4 or IPV6.
• Allow for combination rules based on format (i.e. address style).

Minor release.

• Minor changes to display of version number.
• Added project page to script help in hopes of getting feedback.

First official release!

What's new ?

• Drops support for ULOG.
• Allow logging when setting firewall to deny all.