Firezone v0.6.11 releases: WireGuard-based VPN server and firewall
A self-managed WireGuard-based VPN server and Linux firewall designed for simplicity and security.
- Fast: Uses WireGuard to be 3-4 times faster than OpenVPN.
- No dependencies: All dependencies are bundled thanks to Chef Omnibus.
- Simple: Takes minutes to set up. Manage via a simple CLI API.
- Secure: Runs unprivileged. HTTPS enforced. Encrypted cookies.
- Firewall included: Uses Linux nftables to block unwanted egress traffic.
Firezone is not:
- An inbound firewall
- A tool for creating mesh networks
- A full-featured router
- An IPSec or OpenVPN server
Deploying and Configuring
Firezone consists of a single distributable Linux package that you install and manage yourself. Management of the Firezone installation is handled by the firezone-ctl utility while management of the VPN and firewall themselves are handled by the Web UI.
Firezone acts as a frontend to both the WireGuard kernel module and the netfilter kernel subsystem. It creates a WireGuard interface (by default called wg-firezone) and firezone netfilter table and adds appropriate routes to the routing table. Other programs that modify the Linux routing table or netfilter firewall may interfere with Firezone’s operation.
Firezone requires a valid SSL certificate and a matching DNS record to run in production. We recommend using Let’s Encrypt to generate a free SSL cert for your domain.
Firezone is beta software. We highly recommend limiting network access to the Web UI to prevent exposing it to the public Internet.
🐛 Bug Fixes
- Use application_version() to link back to repo @jamilbk (#1181)
- Fix AsyncAPI specification errors @jamilbk (#1177)
- Wrap magic link with url() @jamilbk (#1170)
- Update Docker migration script to match install improvements @jamilbk (#1166)
- Small improvements to make setup process easier for OS contributors @AndrewDryga (#1171)
- Bump hammer_plug from 2.1.1 to 3.0.0 @dependabot (#1176)
- Bump phoenix_live_reload from 1.4.0 to 1.4.1 @dependabot (#1174)
- Fix typo “MacOS” in user documentation @tyrann0us (#1161)
- docs: Fix Google SAML setup instruction @gongjason (#1168)
Copyright 2020 Engineering