summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README75
-rwxr-xr-xautogen.sh159
-rw-r--r--pixmaps/dns.pngbin0 -> 1804 bytes
-rw-r--r--pixmaps/ftp.pngbin0 -> 4884 bytes
4 files changed, 234 insertions, 0 deletions
diff --git a/README b/README
new file mode 100644
index 0000000..f3d4fc2
--- /dev/null
+++ b/README
@@ -0,0 +1,75 @@
+FieryFilter - A Desktop Firewall for Linux
+==========================================
+
+Version 0.1 - January 13. 2003
+Version 0.2 - February 3. 2003
+Version 0.3 - February 6. 2003
+Version 0.4 - February 17. 2003
+
+WARNING: This is a pre-alpha version, it will probably format your
+harddisk. Consider it a "preview version".
+
+Description:
+
+ FieryFilter is an interactive desktop firewall for Linux. FF will
+ ask you everytime a new network connection is made if you want to
+ allow or deny it.
+
+ Fieryfilter is far from being usable. Currently the rule
+ generation is incomplete. Please join development if you want to
+ have it working faster.
+
+Requirements:
+
+ Linux 2.4 with Netfilter and ip_queue
+ Gtk 2.2.1
+ libipq (aka netfilter-dev)
+ Good knowledge of Netfilter, iptables and especially Linux
+
+Compilation:
+
+ configure && make
+
+Installation:
+
+ make install (as root)
+ cp fieryfilter.init /etc/init.d/fieryfilter
+
+ You will need to create a new group fieryfilter and place
+ all users which want to use FF in it.
+
+Usage:
+
+ FF is split into two distinct programs: fieryfilterd and
+ fieryfilter. The former is the FieryFilter daemon, the latter the
+ FieryFilter frontend application:
+
+ fieryfilterd should be run as root and will plug itself into the
+ Netfilter ip_queue subsystem. Every packet which is pushed into
+ the QUEUE Netfilter target is recieved by ffd.
+
+ fieryfilter is a GTK client to be run in a user environment. It
+ connects through a UNIX socket to ffd and is notified on every
+ incoming packet. It will popup a dialog box showing some
+ information about the packet and ask the user if he wants to
+ accept, drop or reject it. The user's decision is sent to ffd,
+ that process will finally execute the user's command.
+
+ Access to fieryfilterd is only granted to users in the group
+ "fieryfilter".
+
+ If no instance of fieryfilter is connected to ffd, the daemon will
+ accept every single connection automatically.
+
+ You have to run the fieryfilter daemon by using the supplied init
+ script first (as run). You may not run it "by hand", since your
+ local firewall is set up correctly for this. After that you may
+ run the client program fieryfilter as normal user.
+
+FieryFilter has some memory leaks currently. This will be fixed as
+soon as I find time to do it.
+
+Nope, FF won't be able to show the process name of the process
+originating a packet. This is not possible with the API libipq provides.
+
+Lennart Poettering, 2003, mz6666@itaparica.org
diff --git a/autogen.sh b/autogen.sh
new file mode 100755
index 0000000..84baadd
--- /dev/null
+++ b/autogen.sh
@@ -0,0 +1,159 @@
+#!/bin/sh
+# Run this to generate all the initial makefiles, etc.
+
+srcdir=`dirname $0`
+test -z "$srcdir" && srcdir=.
+
+DIE=0
+
+if [ -n "$GNOME2_DIR" ]; then
+ ACLOCAL_FLAGS="-I $GNOME2_DIR/share/aclocal $ACLOCAL_FLAGS"
+ LD_LIBRARY_PATH="$GNOME2_DIR/lib:$LD_LIBRARY_PATH"
+ PATH="$GNOME2_DIR/bin:$PATH"
+ export PATH
+ export LD_LIBRARY_PATH
+fi
+
+(test -f $srcdir/configure.ac) || {
+ echo -n "**Error**: Directory "\`$srcdir\'" does not look like the"
+ echo " top-level package directory"
+ exit 1
+}
+
+(autoconf --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have \`autoconf' installed."
+ echo "Download the appropriate package for your distribution,"
+ echo "or get the source tarball at ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+}
+
+(grep "^AC_PROG_INTLTOOL" $srcdir/configure.ac >/dev/null) && {
+ (intltoolize --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have \`intltool' installed."
+ echo "You can get it from:"
+ echo " ftp://ftp.gnome.org/pub/GNOME/"
+ DIE=1
+ }
+}
+
+(grep "^AM_PROG_XML_I18N_TOOLS" $srcdir/configure.ac >/dev/null) && {
+ (xml-i18n-toolize --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have \`xml-i18n-toolize' installed."
+ echo "You can get it from:"
+ echo " ftp://ftp.gnome.org/pub/GNOME/"
+ DIE=1
+ }
+}
+
+(grep "^AM_PROG_LIBTOOL" $srcdir/configure.ac >/dev/null) && {
+ (libtool --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have \`libtool' installed."
+ echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+ }
+}
+
+(grep "^AM_GLIB_GNU_GETTEXT" $srcdir/configure.ac >/dev/null) && {
+ (grep "sed.*POTFILES" $srcdir/configure.ac) > /dev/null || \
+ (glib-gettextize --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have \`glib' installed."
+ echo "You can get it from: ftp://ftp.gtk.org/pub/gtk"
+ DIE=1
+ }
+}
+
+(automake --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have \`automake' installed."
+ echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+ NO_AUTOMAKE=yes
+}
+
+
+# if no automake, don't bother testing for aclocal
+test -n "$NO_AUTOMAKE" || (aclocal --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: Missing \`aclocal'. The version of \`automake'"
+ echo "installed doesn't appear recent enough."
+ echo "You can get automake from ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+}
+
+if test "$DIE" -eq 1; then
+ exit 1
+fi
+
+if test -z "$*"; then
+ echo "**Warning**: I am going to run \`configure' with no arguments."
+ echo "If you wish to pass any to it, please specify them on the"
+ echo \`$0\'" command line."
+ echo
+fi
+
+case $CC in
+xlc )
+ am_opt=--include-deps;;
+esac
+
+for coin in `find $srcdir -path $srcdir/CVS -prune -o -name configure.ac -print`
+do
+ dr=`dirname $coin`
+ if test -f $dr/NO-AUTO-GEN; then
+ echo skipping $dr -- flagged as no auto-gen
+ else
+ echo processing $dr
+ ( cd $dr
+
+ aclocalinclude="$ACLOCAL_FLAGS"
+
+ if grep "^AM_GLIB_GNU_GETTEXT" configure.ac >/dev/null; then
+ echo "Creating $dr/aclocal.m4 ..."
+ test -r $dr/aclocal.m4 || touch $dr/aclocal.m4
+ echo "Running glib-gettextize... Ignore non-fatal messages."
+ echo "no" | glib-gettextize --force --copy
+ echo "Making $dr/aclocal.m4 writable ..."
+ test -r $dr/aclocal.m4 && chmod u+w $dr/aclocal.m4
+ fi
+ if grep "^AC_PROG_INTLTOOL" configure.ac >/dev/null; then
+ echo "Running intltoolize..."
+ intltoolize --copy --force --automake
+ fi
+ if grep "^AM_PROG_XML_I18N_TOOLS" configure.ac >/dev/null; then
+ echo "Running xml-i18n-toolize..."
+ xml-i18n-toolize --copy --force --automake
+ fi
+ if grep "^AM_PROG_LIBTOOL" configure.ac >/dev/null; then
+ if test -z "$NO_LIBTOOLIZE" ; then
+ echo "Running libtoolize..."
+ libtoolize --force --copy
+ fi
+ fi
+ echo "Running aclocal $aclocalinclude ..."
+ aclocal $aclocalinclude
+ if grep "^AM_CONFIG_HEADER" configure.ac >/dev/null; then
+ echo "Running autoheader..."
+ autoheader
+ fi
+ echo "Running automake --gnu $am_opt ..."
+ automake --add-missing --gnu $am_opt
+ echo "Running autoconf ..."
+ autoconf
+ )
+ fi
+done
+
+conf_flags="--enable-maintainer-mode"
+
+if test x$NOCONFIGURE = x; then
+ echo Running $srcdir/configure $conf_flags "$@" ...
+ $srcdir/configure $conf_flags "$@" \
+ && echo Now type \`make\' to compile. || exit 1
+else
+ echo Skipping configure process.
+fi
diff --git a/pixmaps/dns.png b/pixmaps/dns.png
new file mode 100644
index 0000000..24216f9
--- /dev/null
+++ b/pixmaps/dns.png
Binary files differ
diff --git a/pixmaps/ftp.png b/pixmaps/ftp.png
new file mode 100644
index 0000000..ffb937e
--- /dev/null
+++ b/pixmaps/ftp.png
Binary files differ