Skip to content

Installation

The easiest way to install Foomuuri is to use packages from your Linux distribution.

See host firewall for example /etc/foomuuri/foomuuri.conf configuration file.

Fedora, RHEL, CentOS Stream

Foomuuri is included to Fedora and to EPEL.

# Install packages
dnf install foomuuri foomuuri-firewalld

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Start Foomuuri
systemctl start foomuuri.service

# Check journal log for firewall logging
journalctl --follow --dmesg

# If everything works, make Foomuuri persistent across reboots
systemctl enable foomuuri.service

Debian, Ubuntu

Foomuuri is include to Debian sid, forky, trixie (13) and bookworm-backports (12), Ubuntu 23.10 (Mantic) and Ubuntu 24.04 (Noble).

# Install packages
apt install foomuuri foomuuri-firewalld

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Start Foomuuri
systemctl start foomuuri.service

# Check journal log for firewall logging
journalctl --follow --dmesg

# If everything works, make Foomuuri persistent across reboots
systemctl enable foomuuri.service

Arch Linux

Foomuuri is included to Arch User Repository (AUR).

# Build and install packages
git clone https://aur.archlinux.org/foomuuri.git
cd foomuuri
makepkg
pacman -U foomuuri-*-x86_64.pkg.tar.zst

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Start Foomuuri
systemctl start foomuuri.service

# Check journal log for firewall logging
journalctl --follow --dmesg

# If everything works, make Foomuuri persistent across reboots
systemctl enable foomuuri.service

Source code

Source code tarball is available in releases page.

Foomuuri depends on nftables (version 1.0.0 or higher, with JSON support enabled) and python (version 3.9 or higher). Optional but highly recommended D-Bus support needs python3-dbus and python3-gobject (called python3-gi in some distributions).

Optionally Foomuuri will use python3-systemd, python3-urllib3 and python3-lxml if they are available.

# Untar source
tar xf foomuuri-0.??.tar.gz
cd foomuuri-0.??

# Install it to root filesystem
make install DESTDIR=/
systemctl daemon-reload
sysctl --system

# Configure Foomuuri and verify it
$EDITOR /etc/foomuuri/foomuuri.conf
foomuuri check

# Disable and stop current firewall, for example:
systemctl disable firewalld.service
systemctl disable shorewall.service
systemctl disable shorewall6.service
systemctl disable shorewall-init.service
nft flush ruleset

# Start Foomuuri
systemctl start foomuuri.service

# Check journal log for firewall logging
journalctl --follow --dmesg

# If everything works, make Foomuuri persistent across reboots
systemctl enable foomuuri.service