Git Product home page Git Product logo

eliranmaman / basic-firewall Goto Github PK

View Code? Open in Web Editor NEW
14.0 2.0 6.0 85 KB

Basic-Firewall is an educational project, using to help me better understood how to write Kernel Modules. This project is a hook to the NetFilters and manipulates the packets going via the network interfaces. Basic-Firewall supporting only IPV-4.

License: GNU General Public License v3.0

Makefile 0.55% C 95.01% Shell 4.44%
firewall kernel-module kernel-modules kernel-driver debian-linux firewalls firewall-template c

basic-firewall's Introduction

Basic-FireWall GitHub tag (latest by date) C/C++ CI GitHub top language GitHub

Basic-Firewall is an educational project, using to help me better understand how to write Kernel Modules. This project using netfilters hook for manipulate the network packets. Basic-Firewall supporting only IPV-4.

The Basic-Firewall has its own controller (firewallctl), transferring the user request from the user space to the kernel space through a character device.

My tool coverage

  • Blocking incoming network by PORT or IP filters, The hook for the incoming filters is at the Pre-Routing and testing where the packet arrived from.
  • Blocking outgoing network by PORT or IP filters, The hook for the outgoing filters is at the Post-Routing and testing the packet destination.

Requirements

  • Debian based Linux distribution (Ubuntu xenial will be perfect)
  • Kernel 4.4 (Tested on 4.4)

Installation guide

Run the install.sh script from a terminal with sudo permissions.

Possible commands -
  • -h: Help & more information
  • -n: The type of the network filter you would like to add / remove (IN or OUT)
  • -t: The type of the filter you would like to add / remove (IP or PORT)
  • -a: The type of the action you would like to perform (ADD or REMOVE)
  • -i: Get all the system filters.

Basic Usage

Please note, using the firewallctl required sudo premissions.

firewallctl -t [IN/OUT] -a [ADD/REMOVE] -t [IP/PORT] [IP/PORT]
  • Add new filter for incoming network filtering by IP (127.0.0.1): 
    firewallctl -n IN -t IP -a ADD 127.0.0.1
  • Add new filter for incoming network filtering by PORT (1010): 
    firewallctl -n IN -t PORT -a ADD 1010
  • Add new filter for outgoing network filtering by IP (127.0.0.1): 
    firewallctl -n OUT -t IP -a ADD 127.0.0.1
  • Add new filter for outgoing network filtering by PORT (1010): 
    firewallctl -n OUT -t PORT -a ADD 1010
  • Remove existing filter for incoming network filtering by IP (127.0.0.1): 
    firewallctl -n IN -t IP -a REMOVE 127.0.0.1
  • Remove existing filter for incoming network filtering by PORT (1010): 
    firewallctl -n IN -t PORT -a REMOVE 1010
  • Remove existing filter for outgoing network filtering by IP (127.0.0.1): 
    firewallctl -n OUT -t IP -a REMOVE 127.0.0.1
  • Remove existing filter for outgoing network filtering by PORT (1010): 
    firewallctl -n OUT -t PORT -a REMOVE 1010
  • Getting all the system filters 
    firewallctl -i
  • Help 
    firewallctl --help

Further Filtering

Of course, you can clone & implement other filters.

basic-firewall's People

Contributors

eliranmaman avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

danielcohen36 johnwilson0 ledunguit svlsr2000 tooms972 rajat397

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.