FieryFilter 0.4 review
DownloadFieryFilter is an interactive desktop firewall for Linux
|
|
FieryFilter is an interactive desktop firewall for Linux. FieryFilter will ask you everytime a new network connection is made if you want to allow or deny it.
Fieryfilter is far from being usable. Currently the rule generation is incomplete. Please join development if you want to have it working faster.
Requirements:
Linux 2.4 with Netfilter and ip_queue
Gtk 2.2.1
libipq
Good knowledge of Netfilter, iptables and especially Linux
Compilation:
configure && make
Installation:
make install (as root)
cp fieryfilter.init /etc/init.d/fieryfilter
You will need to create a new group fieryfilter and place all users which want to use FF in it.
Usage:
FF is split into two distinct programs: fieryfilterd and fieryfilter. The former is the FieryFilter daemon, the latter the FieryFilter frontend application:
fieryfilterd should be run as root and will plug itself into the Netfilter ip_queue subsystem. Every packet which is pushed into the QUEUE Netfilter target is recieved by ffd.
fieryfilter is a GTK client to be run in a user environment. It connects through a UNIX socket to ffd and is notified on every incoming packet. It will popup a dialog box showing some information about the packet and ask the user if he wants to accept, drop or reject it. The user's decision is sent to ffd, that process will finally execute the user's command.
Access to fieryfilterd is only granted to users in the group "fieryfilter".
If no instance of fieryfilter is connected to ffd, the daemon will accept every single connection automatically.
You have to run the fieryfilter daemon by using the supplied init script first (as run). You may not run it "by hand", since your local firewall is set up correctly for this. After that you may run the client program fieryfilter as normal user.
FieryFilter has some memory leaks currently. This will be fixed as soon as I find time to do it.
FieryFilter 0.4 search tags