
Build a firewall from scratch

18 years 4 months ago #14795 by Pon
Hello everyone,
I have to build a firewall from scratch but I don't know how to start; any useful suggestion will be appreciated.

The project I have is to build a firewall from scratch with a user interface. I'm thinking of something in Linux with iptables and a web interface for the user, but can a user change iptables rules from a web interface connecting with a CGI script? Should I make the user interface with C?

Is it possible to build a firewall in that way? If anyone has something to suggest, please post it here or PM me.

Thanks a lot :)
18 years 4 months ago #14799 by TheBishop
Hello Pon,
I'm assuming you've got to do this as an assignment or a project. In that case I would first define the scope of the project carefully. Modern commercial firewalls offer quite a range of advanced features and helps that you can't hope to replicate for an assignment. So define your scope - a basic firewall needs to have two interfaces that the operating system can route between, then on top of that it needs to have some sort of rule-based enforcement engine that will permit or deny packets according to the rules. Given that, your task becomes manageable.
I'd say that iptables is probably the way to go. Get the basics working first in their raw form then figure out a way to build a user interface to manipulate them. There's a lot of documentation on iptables on the internet and you'll find several experts here on Firewall.cx if you have problems. Let us know how you get on.
18 years 4 months ago #14809 by Pon
Thanks for the fast reply, man :)

So it's time to start reading iptables....
18 years 4 months ago #14814 by DaLight
To add to the Bishop's advice, after gaining proficiency in iptables and sorting out the basis of your firewall, your user interface can definitely be constructed using CGI scripts. A number of popular iptables-based firewall distributions use this method. IPCop, for example, uses Perl for the web interface, which obviously makes development easier and faster.
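The CGI-to-iptables step discussed in this thread, as an added example that is not part of any poster's message and is not IPCop's code: the form fields from the web interface are untrusted, so each one is checked against an allowlist and the rule is handed to iptables as an argument list, never as a shell string. The field names, the allowlists and the sample form are assumptions made for this sketch, and it assumes the script has been granted the privilege to run iptables.

```python
import ipaddress
import re
import subprocess

# Assumed policy for this sketch: what the web interface may ask for.
ALLOWED_CHAINS = {"INPUT", "FORWARD", "OUTPUT"}
ALLOWED_TARGETS = {"ACCEPT", "DROP", "REJECT"}
ALLOWED_PROTOCOLS = {"tcp", "udp"}

# Constructed sample of decoded form fields (hypothetical field names).
SAMPLE_FORM = {"chain": "INPUT", "protocol": "tcp", "source": "192.168.1.10/24",
               "dport": "22", "target": "ACCEPT"}


def build_rule_argv(form):
    """Turn untrusted form fields into an iptables argv, or raise ValueError."""
    chain = form.get("chain", "")
    proto = form.get("protocol", "")
    target = form.get("target", "")
    if chain not in ALLOWED_CHAINS:
        raise ValueError("chain not allowed")
    if proto not in ALLOWED_PROTOCOLS:
        raise ValueError("protocol not allowed")
    if target not in ALLOWED_TARGETS:
        raise ValueError("target not allowed")
    # ip_network() rejects anything that is not an address or a CIDR block,
    # so shell metacharacters and extra options cannot ride along.
    source = ipaddress.ip_network(form.get("source", ""), strict=False)
    if source.version != 4:
        raise ValueError("iptables handles IPv4 only")
    port_text = form.get("dport", "")
    if not re.fullmatch(r"[0-9]{1,5}", port_text):
        raise ValueError("port must be a number")
    port = int(port_text)
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return ["iptables", "-A", chain, "-p", proto, "-s", str(source),
            "--dport", str(port), "-j", target]


def apply_rule(form):
    """Validate, then run iptables without a shell (needs privilege)."""
    subprocess.run(build_rule_argv(form), check=True)


if __name__ == "__main__":
    print(build_rule_argv(SAMPLE_FORM))
```

Only `apply_rule` touches the live ruleset; `build_rule_argv` can be exercised on any machine to see which requests the interface would accept.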
18 years 3 months ago #14847 by Pon
Thanks a lot, mate. I wasn't sure if I could use a web interface and CGI scripts to connect iptables rules with the interface...

Now I have a clear view of my subject: all I have to do is create my rules with iptables, then build a web interface and connect it with iptables using CGI scripts.

Thanks a lot to both of you again :)