<div class="container">
<section class="section">
- <h3 class="title is-3">{{ _("Top Features") }}</h3>
+ <h3 class="title is-3">{{ _("Top Features") }}</h3>
<!-- this should talk more about what IPFire can do instead of how it does it -->
<!-- brief and to the point. longer technical stuff goes below -->
</section>
<section class="section">
- <h3 class="title is-3">{{ _("Meet The Team") }}</h3>
+ <h3 class="title is-3">{{ _("Meet The Team") }}</h3>
{% set core_team = backend.groups.get_by_gid("core-team") %}
- <div class="columns is-one-third is-multiline"> <!-- Berechnungszeug nochmal fragen und so -->
+ <div class="columns is-multiline is-mobile">
{% for account in sorted(core_team, key=lambda a: a.created_at) %}
- <div class="column">
- <figure class="image is-256x256">
- <img class="is-rounded" src="{{ account.avatar_url(size=256) }}">
+ <div class="column has-text-centered">
+ <figure class="image is-128x128 is-inline-block">
+ <img class="is-rounded" src="{{ account.avatar_url(size=128) }}">
</figure>
- <h4 class="title is-4 has-text-centered has-text-weight-bold">{{ account.name or account.nickname }}</h5>
+ <h4 class="title is-4 has-text-weight-bold">{{ account.name or account.nickname }}</h5>
</div>
{% end %}
</div>
] %}
{% if team %}
- <div class="columns is-one-fifth is-multiline">
+ <div class="columns is-multiline is-mobile">
{% for account in sorted(team, key=lambda a: a.created_at) %}
- <div class="column is-2">
- <figure class="image is-64x64">
- <img class="is-rounded" src="{{ account.avatar_url(size=64) }}">
- </figure>
-
- <h6 class="title is-6 has-text-weight-bold">{{ account.name or account.nickname }}</h6>
+ <div class="column is-half-mobile is-one-third-tablet is-one-quarter-desktop is-one-fifth-widescreen is-one-fifth-fullhd">
+ <div class="columns is-vcentered is-mobile">
+ <div class="column is-narrow">
+ <figure class="image is-48x48">
+ <img class="is-rounded" src="{{ account.avatar_url(size=48) }}">
+ </figure>
+ </div>
+ <div class="column">
+ <h6 class="title is-6 has-text-weight-bold">{{ account.name or account.nickname }}</h6>
+ </div>
+ </div>
</div>
{% end %}
</div>
<section class="section is-medium">
<div class="block">
<button class="button is-fullwidth is-large is-primary">
- <a href="/download" class="is-capitalized">
- {{ _("DOWNLOAD IPFIRE NOW. IT'S FREE!") }}
+ <a href="/download">
+ <span class="is-hidden-touch">{{ _("DOWNLOAD IPFIRE NOW. IT'S FREE!") }}</span>
+ <span class="is-hidden-desktop">{{ _("DOWNLOAD NOW") }}</span>
</a>
</button>
</div>
</section>
- <div class="block"> <!-- Irgendwie fehlen heir Bullet Points ... Müssten laut Doc bei <ul> allerdings dabei sein-->
- <div class="columns">
- <div class="column is-one-third">
- <h6 class="title is-6">Network Security</h6>
-
- <ul>
- <li>Stateful inspection firewall</li>
- <li>
- Builtin network segmentation
- <ul>
- <li>Demilitarized Zone (DMZ)</li>
- <li>Separate network for wireless devices/guest network</li>
- </ul>
- </li>
- <li>Flexible rule creating with groups and visual aids</li>
- <li>Intrusion Prevention System</li>
- <li>
- Rate Limiting to Protect Servers from DoS attacks
- and Maximum Connection Limits
- </li>
- <li>SYN-flood Protection</li>
- <li>Country-based Firewall Rules</li>
- <li>Source and Destination NAT Rules</li>
- <li>Time-based Firewall Rules</li>
- <li>MAC address-based Firewall Rules</li>
- <li>Blocking of P2P Networks</li>
- <li>Connection Logging</li>
- </ul>
-
- <h6 class="title is-6">Network Features</h6>
-
- <ul>
- <li>VLAN (802.1q)</li>
- <li>Port Bridging</li>
- <li>Spanning Tree Protocol Support</li>
- <li>Wireless Access Point</li>
- <li>Live Connection Tracking</li>
- <li>Static Routes</li>
- <li>Dynamic Routing with Bird or FRR using BGP/OSPF</li>
- <li>
- DHCP Server
- <ul>
- <li>Static Leases</li>
- <li>DNS Update (RFC2136)</li>
- <li>Support for DHCP Options</li>
- </ul>
- </li>
- <li>Network Time Server (NTP)</li>
- <li>Dynamic DNS Client with support for many providers</li>
- <li>
- Captive Portal
- <ul>
- <li>Terms & Conditions or Coupon</li>
- <li>Customizable to your corporate design</li>
- <li>Coupon Code Export in PDF Format</li>
- <li>Flexible Coupon Expiry Times</li>
- </ul>
- </li>
- <li>Wake-on-LAN (WOL)</li>
- </ul>
-
- <h6 class="title is-6">Web Proxy</h6>
-
- <ul>
- <li>Transparent Mode</li>
- <li>Support for Upstream Proxies with Authentication</li>
- <li>Advanced Logging</li>
- <li>In Memory and on Disk Cache</li>
- <li>
- Network-based Access Control (ACL)
- <ul>
- <li>By IP Address</li>
- <li>By MAC Address</li>
- <li>Ban/Allow List</li>
- </ul>
- </li>
- <li>Time-based Rules</li>
- <li>Transfer Limits based on File Size</li>
- <li>Download Throttling per Network Zone or Host</li>
- <li>Anomaly Detection based on AS Information</li>
- <li>MIME Type Filter</li>
- <li>Classroom Extensions</li>
- <li>Web Proxy Auto-Discovery Protocol (WPAD)</li>
- <li>Proxy Auto-Config (PAC)</li>
- <li>
- Authentication
- <ul>
- <li>Local User Database</li>
- <li>Microsoft Windows Active Directory</li>
- <li>LDAP</li>
- <li>RADIUS</li>
- </ul>
- </li>
- <li>
- Advanced Content Filtering
- <ul>
- <li>Blocklist-based Access Blocking</li>
- <li>Support for Various Blocklist Providers</li>
- <li>Automatic List Update</li>
- <li>Custom Blocklists</li>
- <li>Custom Allowlists</li>
- <li>Custom Expression Lists</li>
- <li>Filter by File Extension</li>
- <li>Custom Error Page</li>
- </ul>
- </li>
- <li>
- Advanced Update Caching
- <ul>
- <li>Microsoft Windows</li>
- <li>Apple Operating Systems</li>
- <li>Adobe</li>
- <li>Mozilla</li>
- <li>
- Various Anti-Virus Signatures including
- Avast,
- Avira,
- AVG,
- McAffee,
- Trend Micro,
- and Symantec
- </li>
- </ul>
- </li>
- </ul>
- </div>
-
- <div class="column is-one-third">
- <h6 class="title is-6">WAN Features</h6>
-
- <ul>
- <li>Support for Fibre, DSL, Cable and 5G/4G/3G</li>
- <li>Multiple Public IP Addresses</li>
- <li>Automatic failover for dialup connections</li>
- <li>User-Assignable MAC Address</li>
- </ul>
-
- <h6 class="title is-6">VPN</h6>
-
- <ul>
- <li>
- IPsec
- <ul>
- <li>Net-to-Net and Net-to-Host Mode</li>
- <li>Support for IKEv2 and IKEv1</li>
- <li>Public Key and Pre-Shared-Secret Authentication</li>
- <li>
- Encryption
- <ul>
- <li>AES (CBC, GCM)</li>
- <li>ChaCha20-Poly1305</li>
- <li>Camellia</li>
- <li>3DES</li>
- </ul>
- </li>
- <li>
- Integrity
- <ul>
- <li>SHA2 512/384/256 Bit</li>
- <li>AES XCBC</li>
- <li>SHA1</li>
- <li>MD5</li>
- </ul>
- </li>
- <li>
- Key Exchange
- <ul>
- <li>Curve-25519, Curve-448</li>
- <li>NIST ECP-521, 384, 256, 224, or 192 Bit</li>
- <li>Brainpool ECP-512, 384, 256, or 224 Bit</li>
- <li>RSA 8192, 6144, 4096, 3072, 2048, 1536, 1024, or 768 Bit</li>
- </ul>
- </li>
- <li>Hardware-accelerated Encryption</li>
- <li>Tunnel and Transport Mode</li>
- <li>Encapsulation with GRE and VTI</li>
- <li>Dead Peer Detection</li>
- <li>Perfect Forward Secrecy</li>
- <li>MOBIKE</li>
- <li>On-demand mode</li>
- <li>Payload Compression</li>
- <li>Easy connection export to Apple Mac OS/iOS devices</li>
- </ul>
- </li>
- <li>
- OpenVPN
- <ul>
- <li>Net-to-Net and Net-to-Host Mode</li>
- <li>Public Key Authentication</li>
- <li>
- Encryption
- <ul>
- <li>AES (CBC, GCM)</li>
- <li>Camellia</li>
- <li>SEED</li>
- <li>DES/3DES</li>
- <li>Blowfish</li>
- <li>CAST5</li>
- </ul>
- </li>
- <li>
- Integrity
- <ul>
- <li>SHA2 512, 384, or 256 Bit</li>
- <li>Whirpool</li>
- <li>SHA1</li>
- </ul>
- </li>
- <li>TLS Authentication</li>
- <li>TLS Channel Protection</li>
- <li>LZO Compression</li>
- <li>Configuration Export/Import in ZIP Format</li>
- </ul>
- </li>
- </ul>
-
- <h6 class="title is-6">Quality of Service (QoS)</h6>
-
- <ul>
- <li>Inbound & Outbound Traffic Shaping</li>
- <li>Latency Minimization</li>
- <li>Classify Traffic by IP Address, Protocol, or Ports</li>
- <li>Layer7 Protocol Detection</li>
- </ul>
- </div>
-
- <div class="column is-one-third">
- <h6 class="title is-6">Intrusion Prevention System</h6>
-
- <ul>
- <li>Live Deep Packet Analysis</li>
- <li>Graphical Rule Editor</li>
- <li>Support for Various Rule Providers</li>
- <li>Automatic Ruleset Updates</li>
- </ul>
-
- <h6 class="title is-6">DNS</h6>
-
- <ul>
- <li>Internal DNSSEC-validating DNS proxy</li>
- <li>Caching for faster DNS response times</li>
- <li>Local hostnames</li>
- <li>DNS Forwarding for Zones</li>
- <li>Configuration of multiple upstream DNS recursors</li>
- <li>Recursor/Standalone Mode</li>
- <li>DNS-over-TLS, TCP or UDP</li>
- <li>SafeSearch</li>
- <li>QNAME Minimization</li>
- </ul>
+ <section class="section">
+ <div class="block"> <!-- Irgendwie fehlen heir Bullet Points ... Müssten laut Doc bei <ul> allerdings dabei sein-->
+ <div class="columns">
+ <div class="column is-one-third content">
+ <h6>Network Security</h6>
+
+ <ul>
+ <li>Stateful inspection firewall</li>
+ <li>
+ Builtin network segmentation
+ <ul>
+ <li>Demilitarized Zone (DMZ)</li>
+ <li>Separate network for wireless devices/guest network</li>
+ </ul>
+ </li>
+ <li>Flexible rule creating with groups and visual aids</li>
+ <li>Intrusion Prevention System</li>
+ <li>
+ Rate Limiting to Protect Servers from DoS attacks
+ and Maximum Connection Limits
+ </li>
+ <li>SYN-flood Protection</li>
+ <li>Country-based Firewall Rules</li>
+ <li>Source and Destination NAT Rules</li>
+ <li>Time-based Firewall Rules</li>
+ <li>MAC address-based Firewall Rules</li>
+ <li>Blocking of P2P Networks</li>
+ <li>Connection Logging</li>
+ </ul>
+
+ <h6>Network Features</h6>
+
+ <ul>
+ <li>VLAN (802.1q)</li>
+ <li>Port Bridging</li>
+ <li>Spanning Tree Protocol Support</li>
+ <li>Wireless Access Point</li>
+ <li>Live Connection Tracking</li>
+ <li>Static Routes</li>
+ <li>Dynamic Routing with Bird or FRR using BGP/OSPF</li>
+ <li>
+ DHCP Server
+ <ul>
+ <li>Static Leases</li>
+ <li>DNS Update (RFC2136)</li>
+ <li>Support for DHCP Options</li>
+ </ul>
+ </li>
+ <li>Network Time Server (NTP)</li>
+ <li>Dynamic DNS Client with support for many providers</li>
+ <li>
+ Captive Portal
+ <ul>
+ <li>Terms & Conditions or Coupon</li>
+ <li>Customizable to your corporate design</li>
+ <li>Coupon Code Export in PDF Format</li>
+ <li>Flexible Coupon Expiry Times</li>
+ </ul>
+ </li>
+ <li>Wake-on-LAN (WOL)</li>
+ </ul>
+
+ <h6>Web Proxy</h6>
+
+ <ul>
+ <li>Transparent Mode</li>
+ <li>Support for Upstream Proxies with Authentication</li>
+ <li>Advanced Logging</li>
+ <li>In Memory and on Disk Cache</li>
+ <li>
+ Network-based Access Control (ACL)
+ <ul>
+ <li>By IP Address</li>
+ <li>By MAC Address</li>
+ <li>Ban/Allow List</li>
+ </ul>
+ </li>
+ <li>Time-based Rules</li>
+ <li>Transfer Limits based on File Size</li>
+ <li>Download Throttling per Network Zone or Host</li>
+ <li>Anomaly Detection based on AS Information</li>
+ <li>MIME Type Filter</li>
+ <li>Classroom Extensions</li>
+ <li>Web Proxy Auto-Discovery Protocol (WPAD)</li>
+ <li>Proxy Auto-Config (PAC)</li>
+ <li>
+ Authentication
+ <ul>
+ <li>Local User Database</li>
+ <li>Microsoft Windows Active Directory</li>
+ <li>LDAP</li>
+ <li>RADIUS</li>
+ </ul>
+ </li>
+ <li>
+ Advanced Content Filtering
+ <ul>
+ <li>Blocklist-based Access Blocking</li>
+ <li>Support for Various Blocklist Providers</li>
+ <li>Automatic List Update</li>
+ <li>Custom Blocklists</li>
+ <li>Custom Allowlists</li>
+ <li>Custom Expression Lists</li>
+ <li>Filter by File Extension</li>
+ <li>Custom Error Page</li>
+ </ul>
+ </li>
+ <li>
+ Advanced Update Caching
+ <ul>
+ <li>Microsoft Windows</li>
+ <li>Apple Operating Systems</li>
+ <li>Adobe</li>
+ <li>Mozilla</li>
+ <li>
+ Various Anti-Virus Signatures including
+ Avast,
+ Avira,
+ AVG,
+ McAffee,
+ Trend Micro,
+ and Symantec
+ </li>
+ </ul>
+ </li>
+ </ul>
+ </div>
- <h6 class="title is-6">Operating System</h6>
+ <div class="column is-one-third content">
+ <h6>WAN Features</h6>
+
+ <ul>
+ <li>Support for Fibre, DSL, Cable and 5G/4G/3G</li>
+ <li>Multiple Public IP Addresses</li>
+ <li>Automatic failover for dialup connections</li>
+ <li>User-Assignable MAC Address</li>
+ </ul>
+
+ <h6>VPN</h6>
+
+ <ul>
+ <li>
+ IPsec
+ <ul>
+ <li>Net-to-Net and Net-to-Host Mode</li>
+ <li>Support for IKEv2 and IKEv1</li>
+ <li>Public Key and Pre-Shared-Secret Authentication</li>
+ <li>
+ Encryption
+ <ul>
+ <li>AES (CBC, GCM)</li>
+ <li>ChaCha20-Poly1305</li>
+ <li>Camellia</li>
+ <li>3DES</li>
+ </ul>
+ </li>
+ <li>
+ Integrity
+ <ul>
+ <li>SHA2 512/384/256 Bit</li>
+ <li>AES XCBC</li>
+ <li>SHA1</li>
+ <li>MD5</li>
+ </ul>
+ </li>
+ <li>
+ Key Exchange
+ <ul>
+ <li>Curve-25519, Curve-448</li>
+ <li>NIST ECP-521, 384, 256, 224, or 192 Bit</li>
+ <li>Brainpool ECP-512, 384, 256, or 224 Bit</li>
+ <li>RSA 8192, 6144, 4096, 3072, 2048, 1536, 1024, or 768 Bit</li>
+ </ul>
+ </li>
+ <li>Hardware-accelerated Encryption</li>
+ <li>Tunnel and Transport Mode</li>
+ <li>Encapsulation with GRE and VTI</li>
+ <li>Dead Peer Detection</li>
+ <li>Perfect Forward Secrecy</li>
+ <li>MOBIKE</li>
+ <li>On-demand mode</li>
+ <li>Payload Compression</li>
+ <li>Easy connection export to Apple Mac OS/iOS devices</li>
+ </ul>
+ </li>
+ <li>
+ OpenVPN
+ <ul>
+ <li>Net-to-Net and Net-to-Host Mode</li>
+ <li>Public Key Authentication</li>
+ <li>
+ Encryption
+ <ul>
+ <li>AES (CBC, GCM)</li>
+ <li>Camellia</li>
+ <li>SEED</li>
+ <li>DES/3DES</li>
+ <li>Blowfish</li>
+ <li>CAST5</li>
+ </ul>
+ </li>
+ <li>
+ Integrity
+ <ul>
+ <li>SHA2 512, 384, or 256 Bit</li>
+ <li>Whirpool</li>
+ <li>SHA1</li>
+ </ul>
+ </li>
+ <li>TLS Authentication</li>
+ <li>TLS Channel Protection</li>
+ <li>LZO Compression</li>
+ <li>Configuration Export/Import in ZIP Format</li>
+ </ul>
+ </li>
+ </ul>
+
+ <h6>Quality of Service (QoS)</h6>
+
+ <ul>
+ <li>Inbound & Outbound Traffic Shaping</li>
+ <li>Latency Minimization</li>
+ <li>Classify Traffic by IP Address, Protocol, or Ports</li>
+ <li>Layer7 Protocol Detection</li>
+ </ul>
+ </div>
- <ul>
- <li>Comfortable Web User Interface in various languages</li>
- <li>Simple One-Click Updates</li>
- <li>Configuration Backup and Restore</li>
- <li>Detailed System Health Reports and Graphs</li>
- <li>Console Access with SSH</li>
- <li>Serial Console</li>
- <li>Hardware Vulnerability Reporting</li>
- <li>Email Notifications</li>
- <li>Remote Syslog</li>
- <li>SNMP/Zabbix/Observium Monitoring</li>
- </ul>
+ <div class="column is-one-third content">
+ <h6>Intrusion Prevention System</h6>
+
+ <ul>
+ <li>Live Deep Packet Analysis</li>
+ <li>Graphical Rule Editor</li>
+ <li>Support for Various Rule Providers</li>
+ <li>Automatic Ruleset Updates</li>
+ </ul>
+
+ <h6>DNS</h6>
+
+ <ul>
+ <li>Internal DNSSEC-validating DNS proxy</li>
+ <li>Caching for faster DNS response times</li>
+ <li>Local hostnames</li>
+ <li>DNS Forwarding for Zones</li>
+ <li>Configuration of multiple upstream DNS recursors</li>
+ <li>Recursor/Standalone Mode</li>
+ <li>DNS-over-TLS, TCP or UDP</li>
+ <li>SafeSearch</li>
+ <li>QNAME Minimization</li>
+ </ul>
+
+ <h6>Operating System</h6>
+
+ <ul>
+ <li>Comfortable Web User Interface in various languages</li>
+ <li>Simple One-Click Updates</li>
+ <li>Configuration Backup and Restore</li>
+ <li>Detailed System Health Reports and Graphs</li>
+ <li>Console Access with SSH</li>
+ <li>Serial Console</li>
+ <li>Hardware Vulnerability Reporting</li>
+ <li>Email Notifications</li>
+ <li>Remote Syslog</li>
+ <li>SNMP/Zabbix/Observium Monitoring</li>
+ </ul>
+ </div>
</div>
</div>
</div>
- </div>
+ </section>
{% end block %}