This script is for Slackware 14.1 only and may be outdated.

SlackBuilds Repository

14.1 > Network > firehol (1.296)

firehol is an easy to use but powerfull iptables stateful firewall for

FireHOL uses an extremely simple but powerfull way to define firewall rules
which it turns into complete stateful iptables firewalls. FireHOL is a
generic firewall generator, meaning that you can design any kind of local
or routing stateful packet filtering firewalls with ease.

You can run FireHOL with the 'helpme' argument, to get a configuration file
for the system run, which you can modify according to your needs.

You can find example config files in /usr/doc/firehol-<ver>/examples. This
directory contains examples from a simple client machine, to a lan-wan
gateway or an office server.

The default config file in the package contains only a note about where to
find config file examples (/usr/doc/firehol-<ver>/examples), because it is
empty it is not handled as a usual config file. If a user has a real one,
this "example" is simply deleted.

There is a script to fetch reserved IPs from iana, It is
renamed to firehol-get-iana, and placed to /usr/sbin. You have to run it at
least once, to silence firehol startup warnings about missing files.

There is an script to fetch the IPs of popular add servers,
which can be blacklisted, see the file for the details. It is renamed to
firehol-adblock and it is in /usr/sbin.

In addition to the man pages there is a full html documentation in


For example this is a sample firewall for simple home machine with samba
and ssh:

>version 5
>interface any world
> policy reject
> server dns accept
> server dhcp accept
> server icmp accept
> server ssh accept
> server samba accept
> client all accept


This is a stripped down home server and router configuration (for a
sophisticated version of this file see /usr/doc/firehol)

>version 5
>interface eth0 home
> server "dns ftp samba squid dhcp http ssh icmp" accept
> client "samba icmp" accept
>interface ppp+ internet
> server "smtp http ftp" accept
> client allaccept
>router home2internet inface eth0 outface ppp+
> route all accept

Maintained by: fdeak
Keywords: firewall
ChangeLog: firehol


Source Downloads:
firehol-1.296.tar.gz (7b634a0e1a338acfa782e6dca1adf5b7)

Download SlackBuild:
firehol.tar.gz.asc (FAQ)

(the SlackBuild does not include the source)

Validated for Slackware 14.1

See our HOWTO for instructions on how to use the contents of this repository.

Access to the repository is available via:
ftp git cgit http rsync

© 2006-2023 Project. All rights reserved.
Slackware® is a registered trademark of Patrick Volkerding
Linux® is a registered trademark of Linus Torvalds