uif - Tool for generating optimized firewall rules.

The UIF project has been developed for a diskless router system and provides a mechanism to create and simplify packet filter rules. It forces you to provide names for every value you use in order to make firewalls less confusing.

Please have a look at the man pages for uif(8) and uif.conf(5). There are also example configurations in the docs/ directory.

Imagine the following scenario with one packet filter and masquerading:

There is some LDAP support built in, with which you can handle a big farm of diskless router configurations. Use uif(8) and the information provided in the doc/ directory to configure the firewall to fit your needs.

uif firewall

In order to use the script, you need iptables, ip6tables, Perl, NetAddr::IP (>=3.0), Socket, Data::Validate::IP and optionally Net::LDAP.

Usage and install:

Source: https://github.com/cajus