Skip to content

Latest commit

 

History

History
38 lines (29 loc) · 1.43 KB

README.md

File metadata and controls

38 lines (29 loc) · 1.43 KB

Kernel Module Firewall for Linux Based Systems

Implementation of software based firewall for linux based systems.

Features:

  • ICMP blocking: commands like ping use ICMP protocol but modern browsers use the TCP/IP protocol, which is beyond the scope of this project
  • IP blocking: we can specify the IP address we want to block

Quickstart

Prerequisites

Install the linux kernel headers

$ sudo apt-get install linux-headers-$(uname -r)

Build and run

$ git clone https://github.com/k3ys/firewall && cd firewall
$ cd src
$ make
$ sudo insmod firewall.ko ip_addr_rule=<desired-ip>

Notes:

Why are we using a kernel module?

Don't want to recompile the kernel everytime, it is easier this way and also the standard practice.

Future plans

Making the firewall more robust and incorporate more hooks: NP_INET_FORWARD, NP_INET_POST_ROUTING, NP_INET_LOCAL_IN, NP_INET_LOCAL_OUT.

References

  1. Simple Kernel Module in C (video)
  2. Linux firewall from scratch based on Netfilter (blog)
  3. Linux Kernel Module Programming Guide (documentation)
  4. Linux Kernel Source Tree
  5. Linux Kernel Networking Documenation