Fire Gnome

Welcome to my preview of "Fire Gnome" (aka gfirewall).
There is not much here right now... I am concentrating on the project first.

I am using mostly C in this code... but, I do like 'string' and 'map' from the 'stl' C++ libraries so you will need libstdc++ to make it compile. I have, however, recently been exposed to glib BSTs. Although they are not as transparant as 'map' is, I think I will convert the code to use GTree insteam.

Why? I wanted to make a tool to alter ipchains-save files. I think they are a useful way of storing ipchains configurations.

Screenshots:

Dec 19, 1999

• matching screen
  

Not so current anymore...

• matching screen
  
• action screen
  
• about dialog
  

Download area:

Current version (1999-12-19)

• source tar ball
• x86 binary tar ball (static and dynamic included... kind of big)

The complete download directory...

• ./download/
  

Change log:

2000-04-21: apology

• thank you for your interest and support. I have been busy with life stuff and have not been able to put more effort into getting Fire Gnome finished. I have not abondoned the project but I just cannot see myself putting any more time into it till the mid summer. By that time the project will be revamped to work with iptables for Linux 2.4.x.

1999-12-19: fourth pre-alpha release

• got editing working
• got ordering reworked internally
• description of rules are somewhat implemented (the coarse description in the list on the right)
• just a few more things and it will be at v0.0.1 :-)

1999-12-05: third pre-alpha release

• redesigned the protocol selection a bit (a drop down and not a notebook widget is used)
• allow for port ranges (well, they are separate enteties now)
• now support named services (ports) and protocols(tcp, udp, icmp, etc); this is done by reading the /etc/services and /etc/protocols respectively

1999-12-02: second pre-alpha release

• can read/write ipchains-save/restore files.
• can alter certain fields in the chain defintions.

1999-11-28: first pre-alpha release

• can read in a file as outputed by 'ipchains-save'
• can retrieve the ipchains rules from the running system (if you are root)
• no editing or output at the momemnt

TODO/Wishlist:

For now (items for v0.1.0)

• Allow for adding and removing of rules in a chain.
• Implement the statistics functions (with automated updates)
• Write some hardcoded 'stock rules'
• Allow for macros in 'stock rules' (as in MYIP or MYGATEWAY)
• Allow for user additions to stock rules. Thanks to Shane Butler who suggested that I tie in with the Database of Masq Apps and especially with the Games List.
• Improve on the display; Wallace Owen had an idea on displaying a colour coded tree based on chains and jumps not on the main chain they belong to.

For later (v0.2 and beyond)

• Add support for tcp wrappers
• Scan system to see what is running, what ether devices there are, how the routing is done, etc.
  Based on this info you should be able to devise a strategy of how to setup the ipchains properly.
  This feature will become a 'druid' (wizard in Windows world).
• Implement a 'test packet' feature that takes a packet from a tcpdump file or by describing the packet's properties.
• Recently thanks to WPM (see below) I decided to also add scheduling into the Fire Gnome.
• I have been considering since the beginning was to allow for a dockable edit window.

Author

Bart Trojanowski bart@jukie.net
http://www.jukie.net/~bart/

Similar projects

Hey, I am not saying mine is the best...

• Web-based proxy manager
• GFCC
• PMFirewall
• ipchains-firewall
• PHP Firewall Generator

Other links

Bastill Linux

Packet Storm

---

I am looking for an icon... here are some ideas:
http://snack.p.lodz.pl/~cd/html/help/g_gnome.htm
http://iclub.nsu.ru/mud/races/gnome_eng.html