{"id":15051096,"url":"https://github.com/eliranmaman/basic-firewall","last_synced_at":"2025-04-10T02:21:50.426Z","repository":{"id":250377556,"uuid":"294897991","full_name":"eliranmaman/Basic-FireWall","owner":"eliranmaman","description":"Basic-Firewall is an educational project, using to help me better understood how to write Kernel Modules. This project is a hook to the NetFilters and manipulates the packets going via the network interfaces. Basic-Firewall supporting only IPV-4.","archived":false,"fork":false,"pushed_at":"2020-11-28T10:31:49.000Z","size":85,"stargazers_count":17,"open_issues_count":0,"forks_count":6,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-24T03:53:09.117Z","etag":null,"topics":["c","debian-linux","firewall","firewall-template","firewalls","kernel-driver","kernel-module","kernel-modules"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eliranmaman.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-09-12T07:57:29.000Z","updated_at":"2025-03-17T14:03:07.000Z","dependencies_parsed_at":"2024-07-26T23:26:07.352Z","dependency_job_id":null,"html_url":"https://github.com/eliranmaman/Basic-FireWall","commit_stats":null,"previous_names":["eliranmaman/basic-firewall"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eliranmaman%2FBasic-FireWall","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eliranmaman%2FBasic-FireWall/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eliranmaman%2FBasic-FireWall/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eliranmaman%2FBasic-FireWall/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eliranmaman","download_url":"https://codeload.github.com/eliranmaman/Basic-FireWall/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248143144,"owners_count":21054713,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","debian-linux","firewall","firewall-template","firewalls","kernel-driver","kernel-module","kernel-modules"],"created_at":"2024-09-24T21:30:53.124Z","updated_at":"2025-04-10T02:21:50.400Z","avatar_url":"https://github.com/eliranmaman.png","language":"C","readme":"# Basic-FireWall ![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/eliranmaman/Basic-Firewall) ![C/C++ CI](https://github.com/eliranmaman/Basic-FireWall/workflows/C/C++%20CI/badge.svg?branch=master) ![GitHub top language](https://img.shields.io/github/languages/top/eliranmaman/Basic-FireWall) ![GitHub](https://img.shields.io/github/license/eliranmaman/Basic-Firewall)\nBasic-Firewall is an educational project, using to help me better understand how to write Kernel Modules. This project using netfilters\nhook for manipulate the network packets. Basic-Firewall supporting only IPV-4.\n\nThe Basic-Firewall has its own controller (firewallctl), transferring the user request from the user space to the kernel space through a character device.\n\n### My tool coverage \n* Blocking incoming network by PORT or IP filters, The hook for the incoming filters is at the Pre-Routing and testing where the packet arrived from.\n* Blocking outgoing network by PORT or IP filters, The hook for the outgoing filters is at the Post-Routing and testing the packet destination.\n\n### Requirements\n* Debian based Linux distribution (Ubuntu xenial will be perfect)\n* Kernel 4.4 (Tested on 4.4)\n\n### Installation guide\nRun the install.sh script from a terminal with sudo permissions.\n\n##### Possible commands - \n* -h: Help \u0026 more information\n* -n: The type of the network filter you would like to add / remove (IN or OUT)\n* -t: The type of the filter you would like to add / remove (IP or PORT)\n* -a: The type of the action you would like to perform (ADD or REMOVE)\n* -i: Get all the system filters.\n### Basic Usage\nPlease note, using the firewallctl required sudo premissions.\n```bash\nfirewallctl -t [IN/OUT] -a [ADD/REMOVE] -t [IP/PORT] [IP/PORT]\n```\n\n* Add new filter for incoming network filtering by IP (127.0.0.1):\n    ```bash\n    firewallctl -n IN -t IP -a ADD 127.0.0.1\n    ```\n* Add new filter for incoming network filtering by PORT (1010):\n    ```bash\n    firewallctl -n IN -t PORT -a ADD 1010\n    ```\n* Add new filter for outgoing network filtering by IP (127.0.0.1):\n  ```bash\n  firewallctl -n OUT -t IP -a ADD 127.0.0.1\n  ```\n* Add new filter for outgoing network filtering by PORT (1010):\n    ```bash\n    firewallctl -n OUT -t PORT -a ADD 1010\n    ```\n* Remove existing filter for incoming network filtering by IP (127.0.0.1):\n  ```bash\n  firewallctl -n IN -t IP -a REMOVE 127.0.0.1\n  ```\n* Remove existing filter for incoming network filtering by PORT (1010):\n    ```bash\n    firewallctl -n IN -t PORT -a REMOVE 1010\n    ```\n* Remove existing filter for outgoing network filtering by IP (127.0.0.1):\n  ```bash\n  firewallctl -n OUT -t IP -a REMOVE 127.0.0.1\n  ```\n* Remove existing filter for outgoing network filtering by PORT (1010):\n    ```bash\n    firewallctl -n OUT -t PORT -a REMOVE 1010\n    ```\n* Getting all the system filters\n    ```bash\n    firewallctl -i\n    ```\n* Help\n    ```bash\n    firewallctl --help\n    ```\n### Further Filtering\nOf course, you can clone \u0026 implement other filters.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feliranmaman%2Fbasic-firewall","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feliranmaman%2Fbasic-firewall","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feliranmaman%2Fbasic-firewall/lists"}