Repository files navigation

This is IFi the interactive firewall. The main purpose is to builda firewall profile based on user decision while network is active.All rules are stored to human readable files (fw_rules_xxx.txt) forinspection/customizing.

This comes in handy when hardening a system via firewall rulesbut the actual needed/allowed addresses and ports for incomingor outgoing connections are unknown.

This is NOT an application firewall. Rules are basedon source/destination IP address and (if present) upperlayer protocol information. The reason for this is to achievea reasonable performance. Nevertheless IFi gives a hintwhich process is initiating an outgoing connection to allow aneducated white/blacklisting of connections.

Note: Packets with UDP target or source port 53 are always allowed outgoing/incoming.These two rules would have to be added manually if applied on a different machine.

• Un*x based operating system
• python 3.x
• pypacker
• psutil
• pyyaml
• iptables, NFQUEUE target support in kernel for packet intercepting, CPython

Just download/unpack

• Start in learning mode: black/whitelist addresses, stop via Ctrl+C. Customize fw_rules_xxx files and restart if needed.

  python ifi.py -l True

• Start firewall in active mode

  python ifi.py