eliranmaman / Basic Firewall
Licence: gpl-3.0
Basic-Firewall is an educational project, using to help me better understood how to write Kernel Modules. This project is a hook to the NetFilters and manipulates the packets going via the network interfaces. Basic-Firewall supporting only IPV-4.
Stars: ✭ 51
Programming Languages
c
50402 projects - #5 most used programming language
Labels
Projects that are alternatives of or similar to Basic Firewall
Awesome Anti Censorship
curated list of open-source anti-censorship tools
Stars: ✭ 521 (+921.57%)
Mutual labels: firewall
Spoilerwall
Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+1378.43%)
Mutual labels: firewall
Arbitrium Rat
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
Stars: ✭ 938 (+1739.22%)
Mutual labels: firewall
Waf
🚦Web Application Firewall or API Gateway(应用防火墙/API网关)
Stars: ✭ 547 (+972.55%)
Mutual labels: firewall
Wirefilter
An execution engine for Wireshark-like filters
Stars: ✭ 677 (+1227.45%)
Mutual labels: firewall
Xwaf
xWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-5.88%)
Mutual labels: firewall
Vm
💻☁📦 The (official) Nextcloud VM (virtual machine appliance), Home/SME Server and scripts for RPi (4).
Stars: ✭ 716 (+1303.92%)
Mutual labels: firewall
Ciscoconfparse
Parse, Audit, Query, Build, and Modify Cisco IOS-style configurations. Python Infrastructure as Code (IaC) for Cisco IOS (and other vendors).
Stars: ✭ 562 (+1001.96%)
Mutual labels: firewall
Ufw Docker
To fix the Docker and UFW security flaw without disabling iptables
Stars: ✭ 878 (+1621.57%)
Mutual labels: firewall
Laravel Firewall
Web Application Firewall (WAF) package for Laravel
Stars: ✭ 544 (+966.67%)
Mutual labels: firewall
Lanproxy
lanproxy是一个将局域网个人电脑、服务器代理到公网的内网穿透工具,支持tcp流量转发,可支持任何tcp上层协议(访问内网网站、本地支付接口调试、ssh访问、远程桌面、http代理、https代理、socks5代理...)。技术交流QQ群 678776401
Stars: ✭ 4,784 (+9280.39%)
Mutual labels: firewall
Docker Host
A docker sidecar container to forward all traffic to local docker host or any other host
Stars: ✭ 769 (+1407.84%)
Mutual labels: firewall
Sipcheck
SIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.
Stars: ✭ 20 (-60.78%)
Mutual labels: firewall
Basic-FireWall
Basic-Firewall is an educational project, using to help me better understand how to write Kernel Modules. This project using netfilters hook for manipulate the network packets. Basic-Firewall supporting only IPV-4.
The Basic-Firewall has its own controller (firewallctl), transferring the user request from the user space to the kernel space through a character device.
My tool coverage
- Blocking incoming network by PORT or IP filters, The hook for the incoming filters is at the Pre-Routing and testing where the packet arrived from.
- Blocking outgoing network by PORT or IP filters, The hook for the outgoing filters is at the Post-Routing and testing the packet destination.
Requirements
- Debian based Linux distribution (Ubuntu xenial will be perfect)
- Kernel 4.4 (Tested on 4.4)
Installation guide
Run the install.sh script from a terminal with sudo permissions.
Possible commands -
- -h: Help & more information
- -n: The type of the network filter you would like to add / remove (IN or OUT)
- -t: The type of the filter you would like to add / remove (IP or PORT)
- -a: The type of the action you would like to perform (ADD or REMOVE)
- -i: Get all the system filters.
Basic Usage
Please note, using the firewallctl required sudo premissions.
firewallctl -t [IN/OUT] -a [ADD/REMOVE] -t [IP/PORT] [IP/PORT]
- Add new filter for incoming network filtering by IP (127.0.0.1):
firewallctl -n IN -t IP -a ADD 127.0.0.1
- Add new filter for incoming network filtering by PORT (1010):
firewallctl -n IN -t PORT -a ADD 1010
- Add new filter for outgoing network filtering by IP (127.0.0.1):
firewallctl -n OUT -t IP -a ADD 127.0.0.1
- Add new filter for outgoing network filtering by PORT (1010):
firewallctl -n OUT -t PORT -a ADD 1010
- Remove existing filter for incoming network filtering by IP (127.0.0.1):
firewallctl -n IN -t IP -a REMOVE 127.0.0.1
- Remove existing filter for incoming network filtering by PORT (1010):
firewallctl -n IN -t PORT -a REMOVE 1010
- Remove existing filter for outgoing network filtering by IP (127.0.0.1):
firewallctl -n OUT -t IP -a REMOVE 127.0.0.1
- Remove existing filter for outgoing network filtering by PORT (1010):
firewallctl -n OUT -t PORT -a REMOVE 1010
- Getting all the system filters
firewallctl -i
- Help
firewallctl --help
Further Filtering
Of course, you can clone & implement other filters.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].