{"id":20635855,"url":"https://github.com/tholian-network/firewall","last_synced_at":"2025-04-15T21:25:46.526Z","repository":{"id":154123944,"uuid":"631718712","full_name":"tholian-network/firewall","owner":"tholian-network","description":":rainbow: eBPF-based programmable firewall, intended for use in Go backends","archived":false,"fork":false,"pushed_at":"2024-10-29T03:56:32.000Z","size":409,"stargazers_count":16,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-15T20:50:46.522Z","etag":null,"topics":["ebpf","firewall","golang"],"latest_commit_sha":null,"homepage":"https://tholian.network/","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tholian-network.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-23T22:21:15.000Z","updated_at":"2025-04-09T10:25:00.000Z","dependencies_parsed_at":null,"dependency_job_id":"de844b56-ccb9-4337-9247-c05c25f8d42d","html_url":"https://github.com/tholian-network/firewall","commit_stats":null,"previous_names":["tholian-network/firewall"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tholian-network%2Ffirewall","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tholian-network%2Ffirewall/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tholian-network%2Ffirewall/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tholian-network%2Ffirewall/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tholian-network","download_url":"https://codeload.github.com/tholian-network/firewall/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249155818,"owners_count":21221667,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ebpf","firewall","golang"],"created_at":"2024-11-16T15:07:46.844Z","updated_at":"2025-04-15T21:25:46.503Z","avatar_url":"https://github.com/tholian-network.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# TholianĀ® Firewall\n\nA programmable eBPF Firewall that can be used from within `Go`-based backends\nand as a standalone CLI tool, with advanced features like automatic port scan\nor exfil network protocol detection.\n\n:construction: EXPERIMENTAL SOFTWARE - USE AT OWN RISK :construction:\n\n\n## Building\n\n### Building the eBPF Module\n\nThe [eBPF](./ebpf) module is required to block network traffic before it reaches\nthe kernel. There's a fallback implementation using `iptables` available, but it\nis not recommended. The eBPF module far outweighs iptables performance by any means.\n\nThis kernel space eBPF module is compiled down to bytecode, so hopefully it does not\nneed to be recompiled after the first time.\n\nIn case you need to, this is how to do it:\n\n```bash\n# Build Dependencies\nsudo pacman -S --needed binutils coreutils go bpf libbpf clang llvm llvm-libs lib32-llvm-libs;\n\ncd /path/to/tholian-firewall;\nbash make.sh ebpf;\n```\n\n\n### Building the Go Program\n\n```bash\ncd /path/to/tholian-firewall;\nbash make.sh source;\n\n# List the built binaries\nls ./build/linux/*;\n```\n\n\n### Build Tags\n\nThe `tholian-firewall` codebase uses two different reserved go build tags:\n\n- `guard` which includes the [ebpf module](/source/adapters/mitigations/ebpf) and all [insights](/source/insights).\n- `guard_openwrt` which includes the [ebpf module](/source/adapters/mitigations/ebpf).\n\nThere are also build tags which will fallback to `iptables` and `hosts` usage,\ndue to lack of support for Linux's eBPF API on those operating systems:\n\n- `guard_freebsd`\n- `guard_netbsd`\n- `guard_openbsd`\n\n\n### Running from Source\n\nThe easiest way to run the Firewall CLI:\n\n```bash\ncd /path/to/tholian-firewall/source;\nsudo go run -tags `guard` ./cmds/tholian-firewall/main.go;\n```\n\n\n# License\n\nProprietary\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftholian-network%2Ffirewall","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftholian-network%2Ffirewall","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftholian-network%2Ffirewall/lists"}