I just uploaded a minor update of Pyroman to unstable and to the Pyroman download page on alioth. I added support for a complete interface wildcard, and added example configuration files for a single-host setup.

Pyroman is a firewall configuration tool I wrote for managing the firewall of a small network consisting of four zones and servers with a dozen different tasks. It plays very well in setups with DMZ, wireless networks, intranet etc. and all kinds of different services.

Key benefits are the very simple syntax, safeguards (extensive syntax checks, rollback on failure, safety timeout option for remote administration), scriptability in Python, and high performance, since it does not run dozens of iptables commands but generates a script file for iptables-restore.
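The approach described above, as an added sketch that is not Pyroman's own code or configuration syntax: render a small policy into a single iptables-restore script, validate it, and apply it in one call with rollback to the previously saved ruleset. The rule tuples, function names and sample policy are assumptions constructed for illustration.

```python
import subprocess

# Constructed sample policy: (chain, match arguments, target). Not Pyroman syntax.
SAMPLE_RULES = [
    ("INPUT", "-i lo", "ACCEPT"),
    ("INPUT", "-m conntrack --ctstate ESTABLISHED,RELATED", "ACCEPT"),
    ("INPUT", "-p tcp --dport 22", "ACCEPT"),
]
# Default policy per built-in chain of the filter table (assumed values).
POLICIES = {"INPUT": "DROP", "FORWARD": "DROP", "OUTPUT": "ACCEPT"}
TARGETS = {"ACCEPT", "DROP", "REJECT"}


def render_ruleset(rules, policies=POLICIES):
    """Render one filter-table script in iptables-restore format."""
    lines = ["*filter"]
    lines += [f":{chain} {policy} [0:0]" for chain, policy in policies.items()]
    for chain, match, target in rules:
        # Cheap checks before anything touches the kernel.
        if chain not in policies:
            raise ValueError(f"unknown chain: {chain}")
        if target not in TARGETS:
            raise ValueError(f"unknown target: {target}")
        if "\n" in match or "\r" in match:
            raise ValueError("line break in match arguments")
        lines.append(f"-A {chain} {match} -j {target}")
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"


def apply_with_rollback(script):
    """Apply the script in one call; reload the saved rules on failure (needs root)."""
    saved = subprocess.run(["iptables-save"], check=True,
                           capture_output=True, text=True).stdout
    # --test parses and constructs the ruleset without committing it.
    subprocess.run(["iptables-restore", "--test"], input=script,
                   text=True, check=True)
    try:
        subprocess.run(["iptables-restore"], input=script, text=True, check=True)
    except subprocess.CalledProcessError:
        subprocess.run(["iptables-restore"], input=saved, text=True, check=True)
        raise


if __name__ == "__main__":
    print(render_ruleset(SAMPLE_RULES), end="")
```

Running the file only prints the generated script; `apply_with_rollback` is not called automatically because it changes the live firewall.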

For more benefits, see the Pyroman homepage.

The next version will probably also feature an XML syntax; while the current Python syntax is very powerful and readable, it’s pretty much impossible to write a GUI for editing the policy when written this way.

That’s why I’d like to add an XML syntax that supports the key parts of configuration, making it easier to write a GUI for it. It can be intermixed with Python statements, but only the XML-defined parts will be editable in the GUI. If you want the rules to be generated on the fly from some database or whatever, you’ll still be able to do that in Python!