IPFire is a security platform (router and firewall), which can easily be extended and further hardened with Add-ons. Through these add-ons, a basic IPFire install can be quickly scaled up to a much more complex and customizable system.

IPFire has an easy-to-use package system called Pakfire which is used to manage updates and add-ons.

Major IPFire Add-ons


  • Use Tor to browse the internet anonymously

File Server

  • Samba is a file server for Microsoft Windows or heterogeneous networks
  • NFS is a file server for Linux and UNIX systems
  • Tftpd adds a tftp server
  • Netatalk is a file server for Macintosh computers

WiFi access point

Printing and Scanning

  • CUPS is a standard, open source, printing system over the network
  • foomatic is for integrating software printer drivers with common spoolers
  • gutenprint is a package of high quality printer drivers for Linux
  • Sane allows you to scan documents over the network with a web interface


Complex IPFire add-ons which turn your IPFire system in to a backup server

  • Dirvish is a backup script for IPFire with significant functionality
  • bacula is a set of tools to manage backup, recovery, and verification of computer data
  • BorgBackup is a deduplicating backup program


  • mdns-repeater - mDNS repeater daemon
  • socat is command line utility that establishes bidirectional transfers data locations

Mail Server


Voice over IP

  • Asterisk is an excellent Voice over IP (VoIP) exchange.


  • MPFire adds jukebox features to IPfire.
  • Gnump3d is a server for streaming MP3- and OGG-files.
  • Video Disc Recorder / VDR is a video recording / streaming server for digital TV cards.
  • miniupnpd is a lightweight implementation of a UPnP IGD daemon.
  • MiniDLNA/ReadyMedia is a simple, media server software, with the aim of being fully compliant with DLNA/UPnP-AV clients.
  • FFmpeg is a tool for handling video, audio, and other multimedia files and streams
  • Shairport is an AirPlay audio player


  • Guardian transforms the default Snort network intrusion detection system (IDS) to a network intrusion prevention system (IPS)
  • Lynis is a command-line auditing tool for local scanning of system and software
  • mdadm makes it possible to create software RAID devices (Part of the core programs since 2014)
  • Freeradius is a multi protocol policy authentication server
  • Spectre Meltdown Checker allows users to test their hardware for vulnerabilities

Shell tools

Tools for the IPFire Console or to use through a SSH connection

Network tools

  • bwm-ng is a bandwidth monitor
  • fping works like ping, but can be used for scanning entire networks
  • HAProxy
  • Iftop is a realtime bandwidth monitor
  • IPerf/JPerf allows you to test your network speed (LAN or WLAN)
  • iptraf-ng is a console-based network statistic monitoring utility
  • keepalived can be used for virtual services and 1st hop redundancy (VRRP)
  • mtr combines the functions of trace-route and ping in one tool
  • nmap is a versatile (and powerful) IP/port scanner
  • nginx is an HTTP and reverse proxy server, as well as a mail proxy server
  • stunnel - A SSL encryption wrapper
  • tcpdump is a tool to watch and control your network connections
  • traceroute is a network tool used to follow your packets through the internet
  • tshark is a network protocol analyzer and the terminal oriented version of wireshark
  • netcat is a network tool for reading and writing to network connections using TCP/UDP
  • avahi is a system which facilitates service discovery via the mDNS/DNS-SD protocol suite
  • dehydrated is a client for signing certificates with a Let’s Encrypt server
  • frr (FRRouting) is an IP routing protocol suite
  • bird is an Internet Routing Daemon with support of all modern routing protocols
  • speedtest-cli is a command line interface for testing Internet bandwidth

Other tools

Tools to be used on the IPFire Console or through a Secure Shell connection

  • htop is a process viewer similar to "top" but with many more features
  • igmpproxy is a simple multicast routing daemon based on mrouted
  • LCD4Linux grabs information and displays it on an external liquid crystal display
  • mc the good old Midnight Commander; an easy to use file manager
  • nano is a text editor, much easier to use than VI
  • Net-SNMP daemon is a SNMP implementation and more advanced than the basic snmpd
  • rsync is a file copying and backup utility
  • Tmux is a terminal multiplexer for the console
  • 7zip is a file archiver with a high compression ratio
  • ghostscript is a Postscript interpreter, PDF interpreter and rendering engine
  • joe is a full featured terminal-based screen editor
  • minicom is a text-based modem control and terminal emulation program for serial communications
  • telnet is used for interactive communicate with another host using the TELNET protocol
  • powertop is a tool to diagnose issues with power consumption and power management
  • ddrescue is a data recovery tool
  • wavemon is a wireless network monitor
  • sysbench is a system evaluation benchmark
  • flashrom is a utility to detect, read, write, verify and erase flash chips
  • ncdu is a a graphical disk usage monitor
  • lshw provides detailed information on the hardware configuration
  • sslh is an ssl/ssh multiplexer

System Monitoring

  • swatch is a simple log watcher. It analyzes log files and can trigger email alerts
  • watchdog is a service to automatically restart IPFire in the event of a failure
  • Monit is a small utility for managing and monitoring Unix systems
  • NRPE - Set up and configure NRPE server on IPFire
  • Zabbix Agent is the agent for monitoring a host by Zabbix
  • cpufrequtils monitors the speed of the processor via CPU Graph
  • icinga is a monitoring system checking hosts and services
  • iotop is a utility, similar to top command, that monitors disk I/O usage
  • mcelog decodes the kernel machine check log on x86 machines
  • WIO (Who Is Online?) is a builtin monitoring service for the local network showing connected devices
  • observium-agent is a client for the Observium network monitoring platform

Proxy enhancements

  • Sarg is graphical analysis tool for proxy reports, which can be used over the web interface.
  • Squid-accounting is graphical web interface for measuring traffic per host/user and the ability to generate bills.

UPS tools

Software to gracefully shut down IPFire if a connected UPS runs low on power

  • Apcupsd used for APC-branded Uninterruptible Power Supplies
  • NUT (Network UPS Tools) provides monitoring and control of many uninterruptible power supplies (UPSs)

User Interface Changes

  • SideMenu EX is a complex extension of IPFire's Side menus


IPFire as virtualization host

  • Qemu provides virtualization for IPFire, so that it can host guest OSes.
  • libvirt a toolkit to manage VMs on IPFire
Edit Page ‐ Yes, you can edit!

Older Revisions • March 14 at 11:11 pm • Adolf Belka