Language Selection

English French German Italian Portuguese Spanish

NuFW: Single sign-on meets firewall

Filed under
Software
MDV

Mandriva has recently released the latest version of its next-generation firewall, NuFW 2.1.1.

NuFW starts, like most Linux firewall software does, on the foundation of the Linux kernel's Netfilter, a set of basic IP (Internet Protocol) hooks that allows kernel modules to register callback functions with the network stack. In most distributions, it's used with iptables to create generic Linux firewalls.

Where NuFW steers away from commonplace firewalls is by bringing the notion of user identity to the firewall's security rules. With most firewalls, the rules on what network ports are enabled or disabled is determined by the computer's network address. For example, you might let the PC with the address 192.168.0.100 have access to the IP port range 6881 to 6891 to make it work better with the BitTorrent file sharing protocol. With NuFW, the firewall permissions follow an authenticated user instead of a PC's address.

Thus, firewall filtering rules are not based on just computers, but also on users or groups.

Full Story.

More in Tux Machines

GParted 0.21 Brings ReFS Detection, EXT4 For RHEL5, Reiser4 For Linux 3.x

Version 0.21 of the widely-used, GUI-based GNOME Partition Editor is now available. GParted 0.21 key changes according to its developers include a fix for a off by one sector error with GParted's internal block copy, support for EXT4 file-systems on RHEL/CentOS 5.x, and removing unnecessary duplicate actions when resizing a partition. Read more

Ubuntu Touch Apps Running in Unity Desktop – Video

Unity 8 for Ubuntu is coming along and Mir is also making good progress. One of the byproduct of all these improvements is that some of the apps that are designed for the Ubuntu Touch are also working on the Ubuntu desktop, with very little help. Read more

Debian Forked: All for Devuan and Devuan for All?

It is hard to see the direction Devuan will take, given that the project is still in its early days. The new community could create a shallow derivative, or it could fork the entire Debian archive. Another option is to try replacing Debian entirely and become a new gateway between upstream projects and users of all packages, which would require a lot more manpower and infrastructure. Read more

Wireless-enabled i.MX6 SBC offers remote IoT management

Eurotech’s “CPU-351-13″ SBC runs Linux on Freescale’s i.MX6 SoC, and offers ZigBee, GPS, extended temperature operation, remote IoT management, and more. Eurotech has been promoting the concept of managed Internet of Things devices long before “IoT” became the latest craze. The Yocto Linux ready CPU-351-13 single board computer is the latest of its embedded boards that can be remote controlled using its Everyware Software Framework (ESF) and Everyware Cloud Client. Other Everyware-enabled products from Eurotech include last year’s Intel Atom E3800 based Catalyst BT module. Read more