Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/k3yss/firewall
A mini firewall for linux based systems using netfilter hooks
https://github.com/k3yss/firewall
firewall linux-kernel
Last synced: about 1 month ago
JSON representation
A mini firewall for linux based systems using netfilter hooks
- Host: GitHub
- URL: https://github.com/k3yss/firewall
- Owner: k3yss
- License: gpl-3.0
- Created: 2024-04-02T16:53:41.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2024-04-08T07:43:12.000Z (9 months ago)
- Last Synced: 2024-10-12T07:41:21.442Z (2 months ago)
- Topics: firewall, linux-kernel
- Language: C
- Homepage:
- Size: 37.1 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Kernel Module Firewall for Linux Based Systems
Implementation of software based firewall for linux based systems.**Features**:
- *ICMP blocking*: commands like `ping` use ICMP protocol but modern browsers use the TCP/IP protocol, which is beyond the scope of this project
- *IP blocking*: we can specify the IP address we want to block### Quickstart
**Prerequisites**
Install the linux kernel headers
```
$ sudo apt-get install linux-headers-$(uname -r)
```
**Build and run**
```shell
$ git clone https://github.com/k3ys/firewall && cd firewall
$ cd src
$ make
$ sudo insmod firewall.ko ip_addr_rule=
```## Notes:
**Why are we using a kernel module?**Don't want to recompile the kernel everytime, it is easier this way and also the standard practice.
## Future plans
Making the firewall more robust and incorporate more hooks: `NP_INET_FORWARD`, `NP_INET_POST_ROUTING`, `NP_INET_LOCAL_IN`, `NP_INET_LOCAL_OUT`.
## References
1. [Simple Kernel Module in C (video)](https://www.youtube.com/watch?v=SOo1rbnryeo)
2. [Linux firewall from scratch based on Netfilter (blog)](https://levelup.gitconnected.com/write-a-linux-firewall-from-scratch-based-on-netfilter-462013202686)
3. [Linux Kernel Module Programming Guide (documentation)](https://sysprog21.github.io/lkmpg/)
4. [Linux Kernel Source Tree](https://github.com/torvalds/linux)
5. [Linux Kernel Networking Documenation](https://www.kernel.org/doc/html/latest/networking/index.html)