Stallone

Stallone runs on devices that perform Network Address Translation (NAT), allowing machines on private networks to request that TCP and UDP ports be forwarded to them. The protocol used is the NAT Port Mapping Protocol (NAT-PMP), which was originally implemented in Apple's AirPort devices.

It is currently written for Linux machines using iptables but can easily be modified to work with other routing/firewalling mechanisms.

Download

The latest release is 0.2.0 released on 2007-11-24. You can download the 0.2.0 release tarball (and signature). Alternatively you can browse the source or download snapshots by using the online source browser.

Using Stallone

You can read the manual (manpage) by running man stallone, but basically you just run Stallone on your network gateway (NAT machine) with the -D flag to run it in the background:

stallone -D

Log messages will be sent to syslog (usually /var/log/syslog or /var/log/messages). Otherwise you can run Stallone in the foreground and have log messages printed to the screen by running without -D:

stallone

Feedback

I'd really like to receive any feedback you have — even just to know that you're using Stallone. If there's something that could be changed in Stallone to improve your life, let me know. Just fire off an email to ted@midg3t.net.

Updates

To be notified when a new release is available, subscribe to the releases feed.

Developers

Stallone is currently maintained using the Git distributed revision control system. You can browse the source online or clone the repository and start hacking with:

git clone git://tedp.id.au/git/stallone.git

You can contact me on IRC in #avahi on irc.freenode.net, or email me at ted@midg3t.net. Comments may also be sent to the Avahi mailing list.

Bugs

Send bug reports via email: bug me!

Security

Stallone is serious about security. That's why it runs as two processes: the main process, which runs unprivileged and chroot()ed, and a small root helper process that adjusts firewall rules. The root helper (worker) process drops all unnecessary capabilities, retaining only CAP_NET_ADMIN. It restricts forwarded ports to a small range and adds its forwarding rules in its own chain, after all other iptables rules, so that it does not get in the way of existing configuration.
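The helper side of this split, sketched as an added example that is not Stallone's own code: the root process re-validates every field it receives from the unprivileged process and builds the rule text only from validated integers. The port range, chain name, message layout and the private-address check are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed policy values: the page gives neither Stallone's range nor its chain name. */
#define PORT_MIN 40000u
#define PORT_MAX 40099u
#define CHAIN "EXAMPLE-NATPMP"

enum { PROTO_UDP = 1, PROTO_TCP = 2 };
enum { REQ_OK = 0, REQ_BAD_PROTO = -1, REQ_BAD_PORT = -2, REQ_BAD_ADDR = -3, REQ_TOO_LONG = -4 };

/* Hypothetical fixed-size message from the unprivileged process to the root helper. */
struct map_request {
    uint8_t  proto;
    uint16_t external_port;
    uint16_t internal_port;
    uint32_t internal_addr;   /* IPv4, host byte order */
};

/* Added check (assumption): forward only to RFC 1918 private addresses. */
static int is_private_v4(uint32_t a)
{
    return (a >> 24) == 10 || (a >> 20) == 0xAC1 || (a >> 16) == 0xC0A8;
}

/* Helper side: re-validate every field, whatever the main process already checked. */
int validate_request(const struct map_request *r)
{
    if (r->proto != PROTO_UDP && r->proto != PROTO_TCP) return REQ_BAD_PROTO;
    if (r->external_port < PORT_MIN || r->external_port > PORT_MAX) return REQ_BAD_PORT;
    if (r->internal_port == 0) return REQ_BAD_PORT;
    if (!is_private_v4(r->internal_addr)) return REQ_BAD_ADDR;
    return REQ_OK;
}

/* Build iptables arguments from validated integers only; nothing is executed here. */
int build_rule(const struct map_request *r, char *out, size_t len)
{
    int rc = validate_request(r);
    if (rc != REQ_OK) return rc;
    uint32_t a = r->internal_addr;
    int n = snprintf(out, len,
        "-t nat -A %s -p %s --dport %u -j DNAT --to-destination %u.%u.%u.%u:%u",
        CHAIN, r->proto == PROTO_TCP ? "tcp" : "udp", (unsigned)r->external_port,
        (unsigned)(a >> 24), (unsigned)((a >> 16) & 255), (unsigned)((a >> 8) & 255),
        (unsigned)(a & 255), (unsigned)r->internal_port);
    return (n < 0 || (size_t)n >= len) ? REQ_TOO_LONG : REQ_OK;
}
```

Because the rule is assembled from a fixed-size struct of integers, a compromised main process cannot smuggle extra iptables options or a different chain into the privileged side.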

License

Stallone is free software under the GNU LGPL (version 2.1 or later).


— Ted Percival (contact).