Building a firewall from scratch

K

kaidranzer

Right off the assembly line
Hi Guys! I am trying to develop a firewall from scratch in linux environment using C. Actually its more of a Unified Threat Management sysytem .I need some help in deciding which features to include like antispam, content filtering, vulnerability analyzing,etc. I have exactly 1 year to complete this project so please suggest which features can be coded completely in time.

I also need help in getting started. Actually I have broken the process of development in 4 stages namely :

1. Capture the packet (using libcap)
2. Break the packet into headers and data (using libpcap)
3. Analyze the headers and data and make a decision
4. ACCEPT or DROP the packet (using netfilter in linux)

Its the third step that will depend on the features which are included in the project. I plan to code using the UNIX Socket API.

Please help me out here in getting started.

Thanks in advance
 
Garbage

Garbage

God of Mistakes...
It seems that you have made your mind for developing a packet filtering firewall. But if you don't know about other types of firewalls, I would recommend you reading - Firewall (computing) - Wikipedia, the free encyclopedia

Secondly, you can look at some of the Open source firewall / threat management systems such as
pfSense Open Source Firewall Distribution - Home
Express Open Source Firewall Project
 
OP
K

kaidranzer

Right off the assembly line
Yes, packet filtering is what I plan but what I am thinking of doing is breaking a packet into headers and data. Header analysis will be the "packet-filtering firewall" kind of thing and analyzing the data would be an "application-layer firewall" kind of thing.

I need to know whether I am on the right track.
 
Garbage

Garbage

God of Mistakes...
^^ IMO, as soon as you start looking at packets, you have a packet filtering firewall. Building an application layer firewall should be inherently different than building a packet filtering firewall.

BTW, here are some codes which you can look at before you start writing yours.

Express Open Source Firewall Project » Sources
*rcs.pfsense.org/projects/pfsense // *github.com/bsdperimeter/pfsense
 
You must log in or register to reply here.
Top Bottom