https://github.com/eliranmaman/basic-firewall
Basic-Firewall is an educational project, using to help me better understood how to write Kernel Modules. This project is a hook to the NetFilters and manipulates the packets going via the network interfaces. Basic-Firewall supporting only IPV-4.
https://github.com/eliranmaman/basic-firewall
c debian-linux firewall firewall-template firewalls kernel-driver kernel-module kernel-modules
Last synced: 2 months ago
JSON representation
Basic-Firewall is an educational project, using to help me better understood how to write Kernel Modules. This project is a hook to the NetFilters and manipulates the packets going via the network interfaces. Basic-Firewall supporting only IPV-4.
- Host: GitHub
- URL: https://github.com/eliranmaman/basic-firewall
- Owner: eliranmaman
- License: gpl-3.0
- Created: 2020-09-12T07:57:29.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2020-11-28T10:31:49.000Z (over 4 years ago)
- Last Synced: 2025-03-24T03:53:09.117Z (3 months ago)
- Topics: c, debian-linux, firewall, firewall-template, firewalls, kernel-driver, kernel-module, kernel-modules
- Language: C
- Homepage:
- Size: 83 KB
- Stars: 17
- Watchers: 1
- Forks: 6
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Basic-FireWall    
Basic-Firewall is an educational project, using to help me better understand how to write Kernel Modules. This project using netfilters
hook for manipulate the network packets. Basic-Firewall supporting only IPV-4.
The Basic-Firewall has its own controller (firewallctl), transferring the user request from the user space to the kernel space through a character device.
### My tool coverage
* Blocking incoming network by PORT or IP filters, The hook for the incoming filters is at the Pre-Routing and testing where the packet arrived from.
* Blocking outgoing network by PORT or IP filters, The hook for the outgoing filters is at the Post-Routing and testing the packet destination.
### Requirements
* Debian based Linux distribution (Ubuntu xenial will be perfect)
* Kernel 4.4 (Tested on 4.4)
### Installation guide
Run the install.sh script from a terminal with sudo permissions.
##### Possible commands -
* -h: Help & more information
* -n: The type of the network filter you would like to add / remove (IN or OUT)
* -t: The type of the filter you would like to add / remove (IP or PORT)
* -a: The type of the action you would like to perform (ADD or REMOVE)
* -i: Get all the system filters.
### Basic Usage
Please note, using the firewallctl required sudo premissions.
```bash
firewallctl -t [IN/OUT] -a [ADD/REMOVE] -t [IP/PORT] [IP/PORT]
```
* Add new filter for incoming network filtering by IP (127.0.0.1):
```bash
firewallctl -n IN -t IP -a ADD 127.0.0.1
```
* Add new filter for incoming network filtering by PORT (1010):
```bash
firewallctl -n IN -t PORT -a ADD 1010
```
* Add new filter for outgoing network filtering by IP (127.0.0.1):
```bash
firewallctl -n OUT -t IP -a ADD 127.0.0.1
```
* Add new filter for outgoing network filtering by PORT (1010):
```bash
firewallctl -n OUT -t PORT -a ADD 1010
```
* Remove existing filter for incoming network filtering by IP (127.0.0.1):
```bash
firewallctl -n IN -t IP -a REMOVE 127.0.0.1
```
* Remove existing filter for incoming network filtering by PORT (1010):
```bash
firewallctl -n IN -t PORT -a REMOVE 1010
```
* Remove existing filter for outgoing network filtering by IP (127.0.0.1):
```bash
firewallctl -n OUT -t IP -a REMOVE 127.0.0.1
```
* Remove existing filter for outgoing network filtering by PORT (1010):
```bash
firewallctl -n OUT -t PORT -a REMOVE 1010
```
* Getting all the system filters
```bash
firewallctl -i
```
* Help
```bash
firewallctl --help
```
### Further Filtering
Of course, you can clone & implement other filters.