https://github.com/brenns10/pywall
Python firewall.
connection-tracking firewall iptables linux python
Last synced: 9 months ago
- Host: GitHub
- URL: https://github.com/brenns10/pywall
- Owner: brenns10
- Created: 2015-03-22T23:13:58.000Z (almost 11 years ago)
- Default Branch: master
- Last Pushed: 2021-02-18T06:43:19.000Z (almost 5 years ago)
- Last Synced: 2025-04-06T23:46:57.880Z (9 months ago)
- Topics: connection-tracking, firewall, iptables, linux, python
- Language: Python
- Size: 155 KB
- Stars: 36
- Watchers: 7
- Forks: 19
- Open Issues: 1
Metadata Files:
- Readme: README.md
README
PyWall
======
A Python firewall: Because slow networks are secure networks.
Installation
------------
This section assumes that you are installing this program on Ubuntu 14.04 LTS.
This firewall should work on other Linux systems, but safety is not guaranteed.
First, install the required packages. On Ubuntu, these are `iptables`, `python`,
`python-pip`, `build-essential`, `python-dev`, and
`libnetfilter-queue-dev`. Next, use `pip2` to install the project dependencies,
which can be found in `requirements.txt`.
The commands for both these operations are:

    sudo apt-get install python python-pip iptables build-essential python-dev libnetfilter-queue-dev
    pip install --user -r requirements.txt

Running
-------
The main file is `main.py`, which needs to be run as root to modify IPTables.
Additionally, main needs to receive a JSON configuration file as its first
argument. If running with the example configuration, the command is:
`sudo python2 main.py examples/example.json`
To stop PyWall, press Control-C.
Troubleshooting
---------------
PyWall should undo its changes to IPTables after exiting. However, if you are
unable to access the internet after exiting PyWall, view existing
IPTables rules with `sudo iptables -nL`. If a rule with the target
`NFQUEUE` lingers, delete it with
`sudo iptables -D INPUT -j NFQUEUE --queue-num [undesired-queue-number]`.
For INPUT rules, the command is `sudo iptables -D INPUT -j NFQUEUE --queue-num 1`.
For OUTPUT rules, the command is `sudo iptables -D OUTPUT -j NFQUEUE --queue-num 2`.
If PyWall reports that another application holds the xtables lock,
stop PyWall with Control-C, ensure that all the IPTables rules are cleared, and
restart PyWall.
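
The cleanup described above can be made less error-prone by generating the delete commands from the rule listing instead of typing queue numbers by hand. The following is an added example, not part of PyWall: the function names are hypothetical, the sample listing is constructed, and it assumes rules are listed with `iptables -S` (one `-A CHAIN ...` line per rule) and contain no quoted arguments.

```shell
#!/bin/sh
# Added example (not PyWall code): print the `iptables -D` command for every
# leftover rule whose target is NFQUEUE. Nothing is deleted by this script.

# Constructed sample of `iptables -S` output after an unclean exit.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -j NFQUEUE --queue-num 1
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -j NFQUEUE --queue-num 2
EOF
}

# Read `iptables -S` text on stdin. For each appended rule (-A) that jumps
# to NFQUEUE, emit the same rule specification with -D so it can be deleted.
# Policy lines (-P) and rules with other targets are ignored.
nfqueue_delete_cmds() {
    awk '
        $1 == "-A" {
            for (i = 2; i < NF; i++) {
                if ($i == "-j" && $(i + 1) == "NFQUEUE") {
                    $1 = "-D"
                    print "iptables " $0
                    break
                }
            }
        }'
}

# Demonstration on the constructed sample.
sample_rules | nfqueue_delete_cmds
```

On a live system, run `sudo iptables -S | nfqueue_delete_cmds`, review the printed commands, and then run them with `sudo`.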