Barry the Bear

Bearwall - Because you can jump through fire but you can't jump through a bear



Welcome to the home of the firewall builder for configuring a dual-stack nftables firewall.

Bearwall is a firewall builder that allows you to easily manage complex security policy on a Linux host by separating your policies into reusable classes and rulesets.

Bearwall reads in your firewall policy, defined in Bash, and generates the appropriate nftables chains and rules to implement consistent policy for a dual-stacked host.


Documentation for bearwall can be found on our GitHub wiki.

Bugs/Feature Requests

Please create bugs and feature requests on our GitHub issue tracker.


The latest version, as well as release notes, can be found on the GitHub release page.

We also supply a Debian & Ubuntu repository for keeping up to date with the latest version of bearwall.

Enabling the bearwall repository in Debian/Ubuntu:

sudo apt-get install apt-transport-https curl lsb-release gnupg
sudo mkdir -p /etc/apt/keyrings/
curl -1sLf | sudo gpg --dearmor -o /etc/apt/keyrings/bearwall2.gpg
echo "deb [signed-by=/etc/apt/keyrings/bearwall2.gpg]$(lsb_release -is | awk '{print tolower($0)}') $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/bearwall2.list
sudo apt-get update
sudo apt-get install bearwall2