ferm - maintain and setup complicated firewall rules

Property Value
Distribution Debian 9 (Stretch)
Repository Debian Main i386
Package filename ferm_2.3-2_all.deb
Package name ferm
Package version 2.3
Package release 2
Package architecture all
Package type deb
Category devel::compiler interface::commandline net network::firewall protocol::ipv6 role::program scope::utility security::firewall use::configuring
Homepage http://ferm.foo-projects.org/
License -
Maintainer Alexander Wirt <formorer@debian.org>
Download size 107.26 KB
Installed size 295.00 KB
ferm is a frontend for iptables. It reads the rules from a
structured configuration file and calls iptables(8) to insert them
into the running kernel.
ferm's goal is to make firewall rules easy to write and easy to
read. It tries to reduce the tedious task of writing down rules, thus
enabling the firewall administrator to spend more time on developing
good rules than the proper implementation of the rule.
To achieve this, ferm uses a simple but powerful configuration
language, which allows variables, functions, arrays, blocks. It also
allows you to include other files, allowing you to create libraries
of commonly used structures and functions.
ferm, pronounced "firm", stands for "For Easy Rule Making".


Package Version Architecture Repository
ferm_2.3-2_all.deb 2.3 all Debian Main
ferm - - -


Name Value
debconf >= 1.2.0
init-system-helpers >= 1.18~
iptables >= 1.3
lsb-base >= 3.0-6
perl >= 5.6


Type URL
Mirror ftp.br.debian.org
Binary Package ferm_2.3-2_all.deb
Source Package ferm

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install ferm deb package:
    # sudo apt-get install ferm




2016-06-12 - Alexander Wirt <formorer@debian.org>
ferm (2.3-2) unstable; urgency=medium
* [3e49919] Start ferm as before network and stop as late as possible
(Closes: #824188)
2016-04-30 - Alexander Wirt <formorer@debian.org>
ferm (2.3-1) unstable; urgency=medium
* Verify upstream gpg sig on tarballs
* Add gpg sig support to watchfile
* Imported Upstream version 2.3
2016-04-23 - Alexander Wirt <formorer@debian.org>
ferm (2.2-5) unstable; urgency=medium
* Reimport changes from 2.2-3.2
Closes: #796611
2016-04-20 - Alexander Wirt <formorer@debian.org>
ferm (2.2-4) unstable; urgency=medium
* [ec12e74] Don't fail if /var/cache/ferm isn't writable (Closes: #821895)
2016-03-29 - Felipe Sateler <fsateler@debian.org>
ferm (2.2-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix breakage introduced by new systemd unit.
- Do not stop firewall on shutdown.
- Start after /var/cache is mounted and after network.
2016-03-28 - Felipe Sateler <fsateler@debian.org>
ferm (2.2-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Add native systemd unit, to break ordering cycle. (Closes: #796611)
2014-10-25 - Alexander Wirt <formorer@debian.org>
ferm (2.2-3) unstable; urgency=medium
* [54e6ad3] Honor dpkg-statoverride for /etc&/ferm (Closes: #752686)
* [93d9656] Move manpage installation to debian/ferm.manpages
* [40ff883] Remove brace expansion to make lintian happy
* [2799fe7] Move to dh9
* [22429c9] Add some docs
* [6db22f7] Override some broken make targets
* [444b07c] wrap-and-sort
2014-04-15 - Alexander Wirt <formorer@debian.org>
ferm (2.2-2) unstable; urgency=medium
* [139cabd] Do not unconditionally overwrite ENABLED= in /etc/default/ferm.
Thanks to Christian Kastner for the patch (Closes: 714796)
2013-07-01 - Alexander Wirt <formorer@debian.org>
ferm (2.2-1) unstable; urgency=low
* [2df2b7b] Fix watchfile
* [0e32933] Imported Upstream version 2.2
2012-11-01 - Alexander Wirt <formorer@debian.org>
ferm (2.1.1-2) experimental; urgency=low
[ Salvatore Bonaccorso ]
* Fix "ferm: modifies conffiles (policy 10.7.3): /etc/default/ferm"
(Closes: #688377)
- Don't install ferm.default as conffile in /etc/default
- Read /etc/default/ferm in ferm.config.
If /etc/default/ferm exists and ENABLED= is present then store the
value of ENABLED into debconf db.
- Create /etc/default/ferm in postinst.
Create /etc/default/ferm if it does not yet exists in postinst.
Furthermore if the admin deleted or commented the ENABLED then (re-)add
it to the configuration file in postinst.
- Remove configuration file on purge in postrm script

See Also

Package Description
ferret-datasets_7.0-2_all.deb Datasets for use with Ferret Visualisation and analysis suite
ferret-vis_7.0-2_i386.deb Interactive data visualization and analysis environment
ferret_0.6-6_all.deb CASE tool for data model editing
festival-ca_3.0.6-1_all.deb Catalan support for Festival speech synthesis system
festival-czech_0.3-3_all.deb Czech support for Festival speech synthesis system
festival-dev_2.4~release-3+b1_i386.deb Development kit for the Festival speech synthesis system
festival-doc_2.4~release-3_all.deb Documentation for Festival
festival-freebsoft-utils_0.10-5_all.deb Festival extensions and utilities
festival-hi_0.1-9_all.deb festival text to speech synthesizer for Hindi language
festival-mr_0.1-9_all.deb festival text to speech synthesizer for Marathi language
festival-te_0.3.3-4_all.deb festival text to speech synthesizer for Telugu (te) language
festival_2.4~release-3+b1_i386.deb General multi-lingual speech synthesis system
festlex-cmu_1.4.0-8_all.deb CMU dictionary for Festival
festlex-ifd_2.0+debian0-3_all.deb Italian support for Festival
festlex-poslex_1.4.0-6_all.deb Part of speech lexicons and ngram from English