zlacker

[parent] [thread] 2 comments
1. denkmo+(OP)[view] [source] 2025-12-17 23:46:38
I’ll just mention Foomuuri here. Its bit of a spiritual successor to shorewall and has firewalld emulation to work with tools compatible with firewalld
replies(2): >>3np+F2 >>egbert+Kp
2. 3np+F2[view] [source] 2025-12-18 00:07:55
>>denkmo+(OP)
Thanks! Would be cool to have it packaged for alpine since firewalld requires D-Bus. There is awall but that's still on iptables and IMO at bit clunky to set up.
3. egbert+Kp[view] [source] 2025-12-18 04:03:14
>>denkmo+(OP)
Foomuuri is ALMOST there.

I mean there are some payload over payload like GRE VPE/VXLAN/VLAN or IPSec that needs to be written in raw nft if using Foomuuni but it works!.

But I love the Shorewall approach and your configuration gracefully encapsulated Shorewall mechanic.

Disclaimer: I maintain vim-syntax-nftables syntax highlighter repo at Github.

[go to top]