]>
Commit | Line | Data |
---|---|---|
8ea3eaa2 | 1 | {% extends "../base.html" %} |
e9f2963b MT |
2 | |
3 | {% block title %}{{ _("About IPFire") }}{% end block %} | |
4 | ||
5 | {% block container %} | |
a94d97d8 RH |
6 | <section class="hero has-background-primary-light"> |
7 | <div class="hero-body"> | |
8 | <div class="container"> | |
9 | <nav class="breadcrumb is-medium" aria-label="breadcrumbs"> | |
10 | <ul> | |
11 | <li> | |
12 | <a href="/">Home</a> | |
13 | </li> | |
14 | <li class="is-active"> | |
15 | <a href="#" aria-current="page">About</a> | |
16 | </li> | |
17 | </ul> | |
18 | </nav> | |
3f962e91 MT |
19 | <h1 class="title is-1"> |
20 | About IPFire<span class="has-text-primary">_</span> | |
21 | </h1> | |
8ed8eee6 | 22 | <p class="subtitle">The Open Source Firewall</p> |
a94d97d8 | 23 | </div> |
e9f2963b | 24 | </div> |
a94d97d8 RH |
25 | </section> |
26 | ||
e9f2963b | 27 | <div class="container"> |
4aaca481 | 28 | <section class="section"> |
3f962e91 MT |
29 | <div class="block"> |
30 | <p class="is-size-4"> | |
31 | <strong>IPFire<span class="has-text-primary">_</span></strong> | |
32 | is the world's leading Open Source firewall distribution. | |
33 | Businesses across the world have chosen to put their trust | |
34 | in our versatile, feature-rich solution with its easy-to-use | |
35 | web management console. Why not join them today? | |
36 | </p> | |
37 | </div> | |
38 | </section> | |
0360cc69 | 39 | |
3f962e91 MT |
40 | <section class="section"> |
41 | <div class="block"> | |
42 | <div class="columns is-multiline"> | |
43 | <div class="column is-half"> | |
44 | <div class="columns is-mobile is-vcentered"> | |
45 | <div class="column is-3 has-text-centered"> | |
64bc5541 | 46 | <i class="fas fa-shield-halved fa-5x"></i> |
3f962e91 | 47 | </div> |
e9f2963b | 48 | |
3f962e91 MT |
49 | <div class="column"> |
50 | <p class="title is-5">Security by Design</p> | |
e9f2963b | 51 | |
3f962e91 MT |
52 | <p> |
53 | Network segmentation is the key to a secure network. | |
54 | IPFire sets up a DMZ for your local infrastructure or a | |
55 | guest network for any visitors separating and protecting | |
56 | other parts of your network. | |
57 | </p> | |
58 | </div> | |
59 | </div> | |
60 | </div> | |
e9f2963b | 61 | |
3f962e91 MT |
62 | <div class="column is-half"> |
63 | <div class="columns is-mobile is-vcentered"> | |
64 | <div class="column is-3 has-text-centered"> | |
64bc5541 | 65 | <i class="fas fa-rocket fa-5x"></i> |
3f962e91 | 66 | </div> |
e9f2963b | 67 | |
3f962e91 MT |
68 | <div class="column"> |
69 | <p class="title is-5">Industry-Leading Firewall Engine</p> | |
e9f2963b | 70 | |
3f962e91 MT |
71 | <p> |
72 | Our stateful packet inspection firewall engine analyses | |
73 | traffic for the latest threats and performs | |
74 | deep packet inspection in real time. | |
75 | Due to our smart user interface, creating even complex | |
76 | setups is quick and straight-forward. | |
77 | </p> | |
78 | </div> | |
79 | </div> | |
80 | </div> | |
e9f2963b | 81 | |
3f962e91 MT |
82 | <div class="column is-half"> |
83 | <div class="columns is-mobile is-vcentered"> | |
84 | <div class="column is-3 has-text-centered"> | |
64bc5541 | 85 | <i class="fas fa-network-wired fa-5x"></i> |
3f962e91 | 86 | </div> |
e9f2963b | 87 | |
3f962e91 MT |
88 | <div class="column"> |
89 | <p class="title is-5">We Connect the World</p> | |
e9f2963b | 90 | |
3f962e91 | 91 | <p> |
196dfc15 RH |
92 | We securely connect your employees to their desks at home, |
93 | your global business partners and the infrastructure in your data centre, | |
94 | giving you maximum flexibility so that you can focus on what really matters. | |
3f962e91 MT |
95 | </p> |
96 | </div> | |
97 | </div> | |
98 | </div> | |
e9f2963b | 99 | |
3f962e91 MT |
100 | <div class="column is-half"> |
101 | <div class="columns is-mobile is-vcentered"> | |
102 | <div class="column is-3 has-text-centered"> | |
64bc5541 | 103 | <span class="fas fa-thumbs-up fa-5x"></span> |
3f962e91 MT |
104 | </div> |
105 | ||
106 | <div class="column"> | |
107 | <p class="title is-5">Easy to Use</p> | |
108 | ||
109 | <p> | |
110 | IPFire is managed over a web-based console which | |
111 | is powerful, yet easy to use. | |
112 | Each feature is just one click away. | |
113 | Advanced reporting and real time graphs give you | |
114 | detailed insight into your network. | |
115 | </p> | |
116 | </div> | |
117 | </div> | |
118 | </div> | |
119 | ||
120 | <div class="column is-half"> | |
121 | <div class="columns is-mobile is-vcentered"> | |
122 | <div class="column is-3 has-text-centered"> | |
64bc5541 | 123 | <i class="fa-solid fa-earth-europe fa-5x"></i> |
3f962e91 MT |
124 | </div> |
125 | ||
126 | <div class="column"> | |
127 | <p class="title is-5">Supporting Global Standards</p> | |
128 | ||
129 | <p> | |
130 | Commonly deployed in businesses and educational organisations | |
131 | of all sizes, IPFire interoperates perfectly with solutions | |
132 | from other vendors making it an ideal drop-in replacement. | |
133 | </p> | |
134 | </div> | |
135 | </div> | |
136 | </div> | |
137 | ||
138 | <div class="column is-half"> | |
139 | <div class="columns is-mobile is-vcentered"> | |
140 | <div class="column is-3 has-text-centered"> | |
64bc5541 | 141 | <i class="fas fa-terminal fa-5x"></i> |
3f962e91 MT |
142 | </div> |
143 | ||
144 | <div class="column"> | |
145 | <p class="title is-5">Free As In Freedom</p> | |
146 | ||
147 | <p> | |
148 | IPFire is free software. | |
149 | Our community develops and reviews all changes going | |
150 | into the code base and IPFire is regularly audited by | |
151 | independent third parties. | |
152 | Become a part of the community and help us | |
153 | to continue improving IPFire! | |
154 | </p> | |
155 | </div> | |
156 | </div> | |
157 | </div> | |
e9f2963b MT |
158 | </div> |
159 | </div> | |
160 | </section> | |
0610dc2c | 161 | |
3f962e91 | 162 | <section class="section"> |
ea6757b8 MT |
163 | <a class="button is-primary is-large is-fullwidth" href="/download"> |
164 | <span class="is-hidden-touch">{{ _("DOWNLOAD IPFIRE NOW. IT'S FREE!") }}</span> | |
165 | <span class="is-hidden-desktop">{{ _("DOWNLOAD NOW") }}</span> | |
166 | </a> | |
3f962e91 MT |
167 | |
168 | <!-- any screenshots go here --> | |
169 | </section> | |
170 | ||
4aaca481 | 171 | <section class="section"> |
0b4ce8c4 | 172 | <h3 class="title is-3">{{ _("Meet The Team") }}</h3> |
0610dc2c | 173 | |
3f962e91 MT |
174 | <div class="block"> |
175 | <p class="is-size-5"> | |
176 | IPFire is built by a group of experts from various backgrounds and places | |
177 | and we could not do it without our great community around us. | |
178 | ||
179 | <a href="/donate">Support our work with your donation!</a> | |
180 | </p> | |
181 | </div> | |
182 | ||
0610dc2c MT |
183 | {% set core_team = backend.groups.get_by_gid("core-team") %} |
184 | ||
f72e375e MT |
185 | <div class="block"> |
186 | <div class="columns is-multiline is-mobile"> | |
187 | {% for account in sorted(core_team, key=lambda a: a.created_at) %} | |
188 | <div class="column has-text-centered"> | |
189 | <figure class="image is-128x128 is-inline-block"> | |
190 | <img class="is-rounded" src="{{ account.avatar_url(size=128) }}"> | |
191 | </figure> | |
192 | ||
193 | <h4 class="title is-4 has-text-weight-bold">{{ account.name or account.nickname }}</h5> | |
194 | </div> | |
195 | {% end %} | |
196 | </div> | |
0610dc2c MT |
197 | </div> |
198 | ||
199 | {% set team = [ | |
200 | a for a in backend.groups.get_by_gid("contributors") if not a in core_team | |
201 | ] %} | |
202 | ||
203 | {% if team %} | |
f72e375e MT |
204 | <div class="block"> |
205 | <div class="columns is-multiline is-mobile"> | |
206 | {% for account in sorted(team, key=lambda a: a.created_at) %} | |
207 | <div class="column is-half-mobile is-one-third-tablet is-one-quarter-desktop is-one-fifth-widescreen is-one-fifth-fullhd"> | |
208 | <div class="columns is-vcentered is-mobile"> | |
209 | <div class="column is-narrow"> | |
210 | <figure class="image is-48x48"> | |
211 | <img class="is-rounded" src="{{ account.avatar_url(size=48) }}"> | |
212 | </figure> | |
213 | </div> | |
214 | <div class="column"> | |
215 | <h6 class="title is-6 has-text-weight-bold">{{ account.name or account.nickname }}</h6> | |
216 | </div> | |
0b4ce8c4 RH |
217 | </div> |
218 | </div> | |
f72e375e MT |
219 | {% end %} |
220 | </div> | |
0610dc2c MT |
221 | </div> |
222 | {% end %} | |
321e89e6 MT |
223 | |
224 | <!-- Talk about funding. Donations, how LWL supports the project --> | |
225 | </section> | |
226 | </div> | |
227 | ||
228 | <div class="container"> | |
d3b246c7 RH |
229 | <section class="section"> |
230 | <div class="block"> | |
3f962e91 | 231 | <h3 class="title is-3">{{ _("Under The Hood") }}</h3> |
d3b246c7 RH |
232 | |
233 | <div class="columns"> | |
234 | <div class="column is-one-fourth"> | |
235 | IPFire is not only an app that you install, it is a whole operating | |
236 | system based on Linux, hardened and tuned to the maximum to serve | |
237 | as a firewall. | |
238 | Regular updates help keeping even the hardest kind of hacker out. | |
239 | </div> | |
321e89e6 | 240 | |
d3b246c7 RH |
241 | <div class="column"> |
242 | The stateful inspection firewall that is working inside IPFire | |
243 | is one of the fastest of its kind. | |
244 | Configuration of even complex rulesets becomes easy with | |
245 | groups for hosts and services on the network and help you | |
246 | to keep things in order, even when it gets complicated. | |
247 | </div> | |
321e89e6 MT |
248 | </div> |
249 | </div> | |
d3b246c7 | 250 | </section> |
321e89e6 | 251 | |
0b4ce8c4 | 252 | <section class="section"> |
811ede6a | 253 | <div class="block"> |
0b4ce8c4 RH |
254 | <div class="columns"> |
255 | <div class="column is-one-third content"> | |
256 | <h6>Network Security</h6> | |
257 | ||
258 | <ul> | |
259 | <li>Stateful inspection firewall</li> | |
260 | <li> | |
261 | Builtin network segmentation | |
262 | <ul> | |
263 | <li>Demilitarized Zone (DMZ)</li> | |
264 | <li>Separate network for wireless devices/guest network</li> | |
265 | </ul> | |
266 | </li> | |
267 | <li>Flexible rule creating with groups and visual aids</li> | |
268 | <li>Intrusion Prevention System</li> | |
269 | <li> | |
270 | Rate Limiting to Protect Servers from DoS attacks | |
271 | and Maximum Connection Limits | |
272 | </li> | |
273 | <li>SYN-flood Protection</li> | |
274 | <li>Country-based Firewall Rules</li> | |
275 | <li>Source and Destination NAT Rules</li> | |
276 | <li>Time-based Firewall Rules</li> | |
277 | <li>MAC address-based Firewall Rules</li> | |
278 | <li>Blocking of P2P Networks</li> | |
279 | <li>Connection Logging</li> | |
280 | </ul> | |
281 | ||
282 | <h6>Network Features</h6> | |
283 | ||
284 | <ul> | |
285 | <li>VLAN (802.1q)</li> | |
286 | <li>Port Bridging</li> | |
287 | <li>Spanning Tree Protocol Support</li> | |
288 | <li>Wireless Access Point</li> | |
289 | <li>Live Connection Tracking</li> | |
290 | <li>Static Routes</li> | |
291 | <li>Dynamic Routing with Bird or FRR using BGP/OSPF</li> | |
292 | <li> | |
293 | DHCP Server | |
294 | <ul> | |
295 | <li>Static Leases</li> | |
296 | <li>DNS Update (RFC2136)</li> | |
297 | <li>Support for DHCP Options</li> | |
298 | </ul> | |
299 | </li> | |
300 | <li>Network Time Server (NTP)</li> | |
301 | <li>Dynamic DNS Client with support for many providers</li> | |
302 | <li> | |
303 | Captive Portal | |
304 | <ul> | |
305 | <li>Terms & Conditions or Coupon</li> | |
306 | <li>Customizable to your corporate design</li> | |
307 | <li>Coupon Code Export in PDF Format</li> | |
308 | <li>Flexible Coupon Expiry Times</li> | |
309 | </ul> | |
310 | </li> | |
311 | <li>Wake-on-LAN (WOL)</li> | |
312 | </ul> | |
313 | ||
314 | <h6>Web Proxy</h6> | |
315 | ||
316 | <ul> | |
317 | <li>Transparent Mode</li> | |
318 | <li>Support for Upstream Proxies with Authentication</li> | |
319 | <li>Advanced Logging</li> | |
320 | <li>In Memory and on Disk Cache</li> | |
321 | <li> | |
322 | Network-based Access Control (ACL) | |
323 | <ul> | |
324 | <li>By IP Address</li> | |
325 | <li>By MAC Address</li> | |
326 | <li>Ban/Allow List</li> | |
327 | </ul> | |
328 | </li> | |
329 | <li>Time-based Rules</li> | |
330 | <li>Transfer Limits based on File Size</li> | |
331 | <li>Download Throttling per Network Zone or Host</li> | |
332 | <li>Anomaly Detection based on AS Information</li> | |
333 | <li>MIME Type Filter</li> | |
334 | <li>Classroom Extensions</li> | |
335 | <li>Web Proxy Auto-Discovery Protocol (WPAD)</li> | |
336 | <li>Proxy Auto-Config (PAC)</li> | |
337 | <li> | |
338 | Authentication | |
339 | <ul> | |
340 | <li>Local User Database</li> | |
341 | <li>Microsoft Windows Active Directory</li> | |
342 | <li>LDAP</li> | |
343 | <li>RADIUS</li> | |
344 | </ul> | |
345 | </li> | |
346 | <li> | |
347 | Advanced Content Filtering | |
348 | <ul> | |
349 | <li>Blocklist-based Access Blocking</li> | |
350 | <li>Support for Various Blocklist Providers</li> | |
351 | <li>Automatic List Update</li> | |
352 | <li>Custom Blocklists</li> | |
353 | <li>Custom Allowlists</li> | |
354 | <li>Custom Expression Lists</li> | |
355 | <li>Filter by File Extension</li> | |
356 | <li>Custom Error Page</li> | |
357 | </ul> | |
358 | </li> | |
359 | <li> | |
360 | Advanced Update Caching | |
361 | <ul> | |
362 | <li>Microsoft Windows</li> | |
363 | <li>Apple Operating Systems</li> | |
364 | <li>Adobe</li> | |
365 | <li>Mozilla</li> | |
366 | <li> | |
367 | Various Anti-Virus Signatures including | |
368 | Avast, | |
369 | Avira, | |
370 | AVG, | |
371 | McAffee, | |
372 | Trend Micro, | |
373 | and Symantec | |
374 | </li> | |
375 | </ul> | |
376 | </li> | |
377 | </ul> | |
378 | </div> | |
321e89e6 | 379 | |
0b4ce8c4 RH |
380 | <div class="column is-one-third content"> |
381 | <h6>WAN Features</h6> | |
382 | ||
383 | <ul> | |
384 | <li>Support for Fibre, DSL, Cable and 5G/4G/3G</li> | |
385 | <li>Multiple Public IP Addresses</li> | |
386 | <li>Automatic failover for dialup connections</li> | |
387 | <li>User-Assignable MAC Address</li> | |
388 | </ul> | |
389 | ||
390 | <h6>VPN</h6> | |
391 | ||
392 | <ul> | |
393 | <li> | |
394 | IPsec | |
395 | <ul> | |
396 | <li>Net-to-Net and Net-to-Host Mode</li> | |
397 | <li>Support for IKEv2 and IKEv1</li> | |
398 | <li>Public Key and Pre-Shared-Secret Authentication</li> | |
399 | <li> | |
400 | Encryption | |
401 | <ul> | |
402 | <li>AES (CBC, GCM)</li> | |
403 | <li>ChaCha20-Poly1305</li> | |
404 | <li>Camellia</li> | |
405 | <li>3DES</li> | |
406 | </ul> | |
407 | </li> | |
408 | <li> | |
409 | Integrity | |
410 | <ul> | |
411 | <li>SHA2 512/384/256 Bit</li> | |
412 | <li>AES XCBC</li> | |
413 | <li>SHA1</li> | |
414 | <li>MD5</li> | |
415 | </ul> | |
416 | </li> | |
417 | <li> | |
418 | Key Exchange | |
419 | <ul> | |
420 | <li>Curve-25519, Curve-448</li> | |
421 | <li>NIST ECP-521, 384, 256, 224, or 192 Bit</li> | |
422 | <li>Brainpool ECP-512, 384, 256, or 224 Bit</li> | |
423 | <li>RSA 8192, 6144, 4096, 3072, 2048, 1536, 1024, or 768 Bit</li> | |
424 | </ul> | |
425 | </li> | |
426 | <li>Hardware-accelerated Encryption</li> | |
427 | <li>Tunnel and Transport Mode</li> | |
428 | <li>Encapsulation with GRE and VTI</li> | |
429 | <li>Dead Peer Detection</li> | |
430 | <li>Perfect Forward Secrecy</li> | |
431 | <li>MOBIKE</li> | |
432 | <li>On-demand mode</li> | |
433 | <li>Payload Compression</li> | |
434 | <li>Easy connection export to Apple Mac OS/iOS devices</li> | |
435 | </ul> | |
436 | </li> | |
437 | <li> | |
438 | OpenVPN | |
439 | <ul> | |
440 | <li>Net-to-Net and Net-to-Host Mode</li> | |
441 | <li>Public Key Authentication</li> | |
442 | <li> | |
443 | Encryption | |
444 | <ul> | |
445 | <li>AES (CBC, GCM)</li> | |
446 | <li>Camellia</li> | |
447 | <li>SEED</li> | |
448 | <li>DES/3DES</li> | |
449 | <li>Blowfish</li> | |
450 | <li>CAST5</li> | |
451 | </ul> | |
452 | </li> | |
453 | <li> | |
454 | Integrity | |
455 | <ul> | |
456 | <li>SHA2 512, 384, or 256 Bit</li> | |
457 | <li>Whirpool</li> | |
458 | <li>SHA1</li> | |
459 | </ul> | |
460 | </li> | |
461 | <li>TLS Authentication</li> | |
462 | <li>TLS Channel Protection</li> | |
463 | <li>LZO Compression</li> | |
464 | <li>Configuration Export/Import in ZIP Format</li> | |
465 | </ul> | |
466 | </li> | |
467 | </ul> | |
468 | ||
469 | <h6>Quality of Service (QoS)</h6> | |
470 | ||
471 | <ul> | |
472 | <li>Inbound & Outbound Traffic Shaping</li> | |
473 | <li>Latency Minimization</li> | |
474 | <li>Classify Traffic by IP Address, Protocol, or Ports</li> | |
475 | <li>Layer7 Protocol Detection</li> | |
476 | </ul> | |
477 | </div> | |
321e89e6 | 478 | |
0b4ce8c4 RH |
479 | <div class="column is-one-third content"> |
480 | <h6>Intrusion Prevention System</h6> | |
481 | ||
482 | <ul> | |
483 | <li>Live Deep Packet Analysis</li> | |
484 | <li>Graphical Rule Editor</li> | |
485 | <li>Support for Various Rule Providers</li> | |
486 | <li>Automatic Ruleset Updates</li> | |
487 | </ul> | |
488 | ||
489 | <h6>DNS</h6> | |
490 | ||
491 | <ul> | |
492 | <li>Internal DNSSEC-validating DNS proxy</li> | |
493 | <li>Caching for faster DNS response times</li> | |
494 | <li>Local hostnames</li> | |
495 | <li>DNS Forwarding for Zones</li> | |
496 | <li>Configuration of multiple upstream DNS recursors</li> | |
497 | <li>Recursor/Standalone Mode</li> | |
498 | <li>DNS-over-TLS, TCP or UDP</li> | |
499 | <li>SafeSearch</li> | |
500 | <li>QNAME Minimization</li> | |
501 | </ul> | |
502 | ||
503 | <h6>Operating System</h6> | |
504 | ||
505 | <ul> | |
506 | <li>Comfortable Web User Interface in various languages</li> | |
507 | <li>Simple One-Click Updates</li> | |
508 | <li>Configuration Backup and Restore</li> | |
509 | <li>Detailed System Health Reports and Graphs</li> | |
510 | <li>Console Access with SSH</li> | |
511 | <li>Serial Console</li> | |
512 | <li>Hardware Vulnerability Reporting</li> | |
513 | <li>Email Notifications</li> | |
514 | <li>Remote Syslog</li> | |
515 | <li>SNMP/Zabbix/Observium Monitoring</li> | |
516 | </ul> | |
517 | </div> | |
321e89e6 MT |
518 | </div> |
519 | </div> | |
d3b246c7 | 520 | </div> |
0b4ce8c4 | 521 | </section> |
e9f2963b | 522 | {% end block %} |