FERM is a tool to maintain complex firewalls, without having the
trouble to rewrite the complex rules over and over again. FERM
allows the entire firewall rule set to be stored in a separate file,
and to be loaded with one command. The firewall configuration
resembles structured programming-like language, which can contain
levels and lists.
The changes in this release are as follows: Variable support, fixing nonexistent parameters for log-[ip|tcp]-, strict keyword pattern matching, a new NOP action (for match-counting), a new automodule option for automaticly loading correct modules, fixing -m for mark in iptables mixo, fixes for relaxed matching tos values, fixes for mark missing as normal target, and an updated manual page. Ferm can be visited at: http://www.geo.vu.nl/~koka/ferm/