Skip to content

Getting Started

The easiest way to install Foomuuri is to use packages from your Linux distribution.

See host firewall for example /etc/foomuuri/foomuuri.conf configuration file.

Fedora, RHEL, CentOS Stream

Foomuuri is included to Fedora and to EPEL.

# Install packages
dnf install foomuuri foomuuri-firewalld

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Enable and start Foomuuri
systemctl enable foomuuri.service
systemctl start foomuuri.service

# Check journal log for Foomuuri logging
journalctl --follow --dmesg

Debian, Ubuntu

Foomuuri is include to Debian sid, forky, trixie (13) and bookworm-backports (12), Ubuntu 23.10 (Mantic) and Ubuntu 24.04 (Noble).

# Install packages
apt install foomuuri foomuuri-firewalld

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Enable and start Foomuuri
systemctl enable foomuuri.service
systemctl start foomuuri.service

# Check journal log for Foomuuri logging
journalctl --follow --dmesg

Arch Linux

Foomuuri is included to Arch User Repository (AUR).

# Build and install packages
git clone https://aur.archlinux.org/foomuuri.git
cd foomuuri
makepkg
pacman -U foomuuri-*-x86_64.pkg.tar.zst

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Enable and start Foomuuri
systemctl enable foomuuri.service
systemctl start foomuuri.service

# Check journal log for Foomuuri logging
journalctl --follow --dmesg

Source code

Source code tarball is available in releases page.

Foomuuri depends on nftables (version 1.0.0 or higher) and python (version 3.9 or higher). Optional but highly recommended D-Bus support needs python3-dbus and python3-gobject (called python3-gi in some distributions).

Optionally Foomuuri will use python3-systemd, python3-requests and python3-lxml if they are available.

Older version of nftables will work if a patch is applied.

# Untar source
tar xf foomuuri-0.??.tar.gz
cd foomuuri-0.??

# Install it to root filesystem
sudo make install DESTDIR=/
sudo systemctl daemon-reload

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Enable and start Foomuuri
systemctl enable foomuuri.service
systemctl start foomuuri.service

# Check journal log for Foomuuri logging
journalctl --follow --dmesg