{"id":38186008,"url":"https://github.com/cylonchau/firewalld-gateway","last_synced_at":"2026-01-17T00:01:59.600Z","repository":{"id":143626253,"uuid":"424981401","full_name":"cylonchau/firewalld-gateway","owner":"cylonchau","description":"Full rest API implemented Linux firewalld distributed manipulation controller and UI ","archived":false,"fork":false,"pushed_at":"2025-02-03T14:00:04.000Z","size":19687,"stargazers_count":48,"open_issues_count":7,"forks_count":8,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-08-09T21:39:38.358Z","etag":null,"topics":["dbus","firewall","firewalld-rest","firewalld-ui","iptables","iptables-rest","iptables-ui","iptables-web","iptables-web-ui","nftables","nftables-rest","nftables-ui","nftables-web","nftables-web-ui","uranus"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cylonchau.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-11-05T14:43:17.000Z","updated_at":"2025-08-07T10:57:56.000Z","dependencies_parsed_at":null,"dependency_job_id":"5bf0a6b1-7abd-40e6-8bc0-4e523114da91","html_url":"https://github.com/cylonchau/firewalld-gateway","commit_stats":null,"previous_names":["cylonchau/firewalldgateway","iseall/firewall-api"],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/cylonchau/firewalld-gateway","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cylonchau%2Ffirewalld-gateway","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cylonchau%2Ffirewalld-gateway/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cylonchau%2Ffirewalld-gateway/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cylonchau%2Ffirewalld-gateway/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cylonchau","download_url":"https://codeload.github.com/cylonchau/firewalld-gateway/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cylonchau%2Ffirewalld-gateway/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28489788,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T23:55:29.509Z","status":"ssl_error","status_checked_at":"2026-01-16T23:55:29.108Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dbus","firewall","firewalld-rest","firewalld-ui","iptables","iptables-rest","iptables-ui","iptables-web","iptables-web-ui","nftables","nftables-rest","nftables-ui","nftables-web","nftables-web-ui","uranus"],"created_at":"2026-01-17T00:01:58.778Z","updated_at":"2026-01-17T00:01:59.588Z","avatar_url":"https://github.com/cylonchau.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Uranus\n\nUranus is a Linux firewalld central controller. In Greek mythology, Uranus king of gods. The firewall gateway is the Uranus for iptables.\n\n## Quick start\n\nhttps://www.oomkill.com/2024/08/uranus-installation/\n\n## Show\n\n### Show picture：:\n\n▶ [Click](#Screenshot) ◀\n\n### Show Video\n- In China ▶ [bilibili](https://www.bilibili.com/video/BV1J24y1K7SD) ◀\n- In World ▶ [YouTube](https://www.youtube.com/watch?v=v7HLZVA5V58) ◀\n\n![](./images/Uranus.png)\n\n## Features\n- Full firewalld features \n- Full D-BUS API convert to REST API.(currently converted OS debian11, centos7)\n- Based dbus remotely.\n- Declarative API and Imperative API.\n- Asynchronous batch interface (only add).\n- Can control thousands of linux machine via firewall gateway remotely.\n- Support change tempate of thousands of machine fastly.\n- Support wrong operation backoff.\n- Support delay command effect.\n- Support iptables NAT ipset timer task.\n- Support template switch (only enable db).\n- Only HTTP Service (without store).\n- UI based VUE-element-admin.\n- Support datacenter tag and machine management.\n- Support SQLite \u0026 MySQL databases.\n\n## TODO\n- [X] Asynchronous batch process\n- [X] optional API on (v3 only)\n- [X] security policy\n- [X] Delay task\n- [X] UI\n- [X] Authtication.\n- [X] Deplyment on Kubernetes \u0026 Docker\n- [ ] Prometheus Metics.\n- [ ] WAF SDK.\n\n\n## Deploy\n\nTo Compiling Uranus, execute following command:\n\n```bash\ngit clone ..\nmake\n```\n\nTo deploy Uranus on kubernetes, execute following command:\n\n```\nkubectl apply -f https://raw.githubusercontent.com/cylonchau/firewalld-gateway/main/deploy/deployment.yaml\n```\n\nTo run Uranus on docker, execute following command:\n\n```bash\ndocker run -d --rm  cylonchau/uranus\n```\n\nif you think update you dbus-daemon verion to lasest, can use `dbus.spec` make your package.\n\n## use\n\nSwagger API Doc: host:port/swagger/index.html\n\n- v1 runtime resource.\n- v2 permanent resource.\n- v3 Asynchronous batck opreation.\n\n## FAQ\n\n### Why not use ssh or ansible tools.\n\nBecause D-Bus support remotely and firewalld implemented full D-Bus API, so we can batch manage iptables rules via firealld.\n\n### How diffrence your project and other\n\nfirewall gateway implemented full dbus API convert to HTTP API, so can control thousands of machine via gateway. And ohter project update iptables via agent scripts. or only run on one machines.\n\n\n### Is enable D-Bus remotely safe?\n\nWe can open D-Bus port only accpet gateway's IP, so is safed\n\ndefault if you machine hacked, enable of disable D-Bus remote, it doesn't make any sense. Because hacker can run any command on your machine.\n\nIf you machine Is safe, so we can through open D-Bus port only accpet gateway's IP, so can management iptables rules via gateway and UI\n\nFor example\n\n- The layer 1, you can add iptables rule restrict dbus tcp port.\n- The layer 2, you can use dbus ACL restrict request.\n\nTo edit /etc/dbus-1/system.conf, example.\n\n```xml\n\u003cpolicy context=\"default\"\u003e\n    \u003cdeny receive_path=\"/org/fedoraproject/FirewallD1\" /\u003e \u003c!-- restrict all request --\u003e\n    \u003callow user=\"root\" /\u003e\n    \u003callow own=\"com.github.cylonchau.Uranus\" /\u003e \u003c!-- allow uranus resiger to dbus-daemon --\u003e\n    \u003c!-- if requseter is com.github.cylonchau.Uranus and request path is /org/fedoraproject/FirewallD1, then allow  --\u003e\n    \u003callow receive_sender=\"com.github.cylonchau.Uranus\" receive_path=\"/org/fedoraproject/FirewallD1\" /\u003e\n\u003c/policy\u003e\n```\n\n### How to output debug ?\n\n```\n-v 5 // full log\n-v 4 // info log\n-v 2 // no log\n```\n\n## Run\n\n### migration\n\n```bash\nmake build \u0026\u0026 \\\n    ./_output/firewalld-gateway  --migration --sql-driver=sqlite --config firewalld-gateway.toml -v 5\n```\n### Run\n\n```bash\nmake build \u0026\u0026 \\\n    ./_output/firewalld-gateway --sql-driver=sqlite  --config firewalld-gateway.toml -v 5\n```\n\n## Screenshot\n\n![](./images/123.png)\n\n![](./images/223.png)\n\n![](./images/323.png)\n\n![](./images/423.png)\n\n![](./images/523.png)\n\n![](./images/623.png)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcylonchau%2Ffirewalld-gateway","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcylonchau%2Ffirewalld-gateway","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcylonchau%2Ffirewalld-gateway/lists"}