NuFace
======

NuFace web interface allows you to configure a nufw based firewall (or a
simple Netfilter firewall).

With nuface, way of work is to use followings objects:

 - resources: the source of a connection
 - subjects: the initiator of a connection : can be an IPv4 object or a NuFW
   authenticated user, or a combination (and/or) of both.
 - protocols: used to define technical parameters of a connection: ports, icmp
   types, protocols, etc...
 - acls use one element of each class defined above.
 - floatings: theses are working elements, used to easily manipulate and move
   objects that are handled by the web interface. The floatting elements are
   never saved to file, they are to be used within one session only.

NuFace homepage: http://software.inl.fr/trac/wiki/EdenWall/NuFace

Contact by email: nuface@inl.fr


NuFace components
=================

To generate iptables scripts, nuface uses a python script: nupyf.

NuFace uses /etc/init.d/init-firewall to load iptables rules in the right way.

Currently nuface handles FORWARD, INPUT and OUTPUT rules.

Specific rules can be written in /etc/network/firewall/local_rules:
 - Files names must be prefixed by filter, nat or mangle.
 - Filter and nat rules must be in iptables-restore format:
   -A FORWARD -p tcp --dport 22 -j ACCEPT
and rules for mangle table in {pre,post}_mangle.


Installation
============

For instructions about how to install nuface, see file: INSTALL


Documentation
=============

Documentation for nuface and nupyf is available in docbook format and html:
see directory "doc".

Right now the documentation for nuface is available in french and english
as well.