Git Product home page Git Product logo

minifirewall's Introduction

minifirewall: a packet filtering firewall for GNU/Linux systems

minifirewall is a simple packet filtering firewall, written in C, for GNU/Linux based systems. It uses Netfilter's hooks to watch the inbound and outbound packets of a computer in a network.

Source files' description

Under the LKM directory:
minifw.c : A Linux Kernel module (LKM) which implements Netfilter's hooks mainly NF_INET_LOCAL_IN and NF_INET_LOCAL_OUT to filter the packets.
minifw.h : Has all the structure details and other macros needed to implement the rules of minifirewall (the details in this header file must be consistent with the details in the user space minifirewall header).

Under the Userspace directory:
minifirewall.c : This tool acts as the user space program for setting minifirewall's packet filtering rules. It uses "getopt.h" header to parse the arguments sent to it. Please get used to its arguments' notation. Will include the "help" details to the code after some clean-up work.
minifirewall.h : Contains macros and structs as in minifw.c. All the fields in the struct my_ipt are initialised in minifirewall.c and are sent to minifw LKM through /proc. </br/>

Brief demo

Follow the steps given below to insert minifw LKM into the kernel.

    cd LKM
    make
    sudo insmod minifw.ko

You must see a module by the name minifw when you do a lsmod | head -3 to list out the modules in your system. Also you must observe that there is an entry by the name minifw in the /proc directory which you can find out by doing a ls /proc | grep "minifw".

Run the user-space minifirewall program after compiling it. Follow the steps given below to test it.

    gcc -o -Wall minifirewall minifirewall.c
    sudo ./minifirewall --in --proto ALL --action BLOCK
    ping www.google.com

What do you observe? You should NOT be able to ping any server since you have written a minifirewall rule to block all the incoming packets bounded to your system. Also you can try opening a webpage in your browser which should be unsuccessful. If not, then there is some problem with passing/registering the rules with the LKM minifw.

Play around with some more rules of minifirewall by going through its source until I update a "help" section which lists out all the parameters for minifirewall's rules.

Good luck!

minifirewall's People

Contributors

ashishraste avatar galoisfield avatar

Watchers

James Cloos avatar shekk avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.