fwdaemon is a Linux-based network firewall runtime backend program.
With fwdaemon, you can add rules to and remove rules from your packet management setup. Additionally, you can enqueue application TCP requests, with rules based on query entries. If you have this software installed, you can simply use the 'make' command to get started.
Note that fwdaemon must be run from a root account, and you will need configuration files to complete the setup. Specifically, copy the desktopfw directory found in the package to /etc, and ensure it contains the following files: apps, config, and rules.
Here is how the software works: fwdaemon connects to NFQUEUE and captures incoming and outgoing packets. Whenever a new TCP connection occurs, fwdaemon scans the /proc directory to identify the source or target application and uses the rules to make an appropriate decision. When a connection matches no pre-existing rule, it is queued and waits for user interaction.
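The /proc lookup described above can be sketched as follows. This is an added example, not fwdaemon's own code: the page only says that /proc is scanned, so the mechanism shown (socket inode from /proc/net/tcp matched against /proc/<pid>/fd) and all function names are assumptions, and the sample table and addresses are constructed. It covers IPv4 only and assumes a little-endian host.

```python
import os
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:7D7B 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1
   1: 0A0200C0:9C40 076433C6:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 54321 1
   2: 0A0200C0:9C42 076433C6:01BB 06 00000000:00000000 00:00000000 00000000     0        0 0 3
"""

def decode_addr(hexaddr):
    """'0100007F:7D7B' -> ('127.0.0.1', 32123); assumes a little-endian host."""
    ip_hex, port_hex = hexaddr.split(":")
    return socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16))), int(port_hex, 16)

def parse_proc_net_tcp(text):
    """Map (local_ip, local_port, remote_ip, remote_port) -> socket inode."""
    table = {}
    for line in text.splitlines()[1:]:          # skip the column header
        f = line.split()
        if len(f) >= 10:
            table[decode_addr(f[1]) + decode_addr(f[2])] = int(f[9])
    return table

def links(dir_path):
    """Yield symlink targets in dir_path, skipping entries that vanish or are unreadable."""
    try:
        names = os.listdir(dir_path)            # fails for other users' processes unless root
    except OSError:
        return
    for name in names:
        try:
            yield os.readlink(os.path.join(dir_path, name))
        except OSError:
            continue

def find_owner(inode, proc_root="/proc"):
    """Return (pid, exe path or None) of the first process holding the socket inode."""
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        if f"socket:[{inode}]" in links(os.path.join(proc_root, pid, "fd")):
            exe = next(iter(links_exe(proc_root, pid)), None)
            return int(pid), exe
    return None

def links_exe(proc_root, pid):
    """Return [target of /proc/<pid>/exe], or [] if it cannot be read."""
    try:
        return [os.readlink(os.path.join(proc_root, pid, "exe"))]
    except OSError:
        return []

def identify(conn, tcp_text, proc_root="/proc"):
    """Resolve a TCP 4-tuple to its owning process, or None if no process owns it."""
    inode = parse_proc_net_tcp(tcp_text).get(conn, 0)
    return find_owner(inode, proc_root) if inode else None   # inode 0: e.g. TIME_WAIT
```

A connection that resolves to None (unknown 4-tuple, inode 0, or a process that exited between the packet and the scan) has no application to match against, so a firewall built this way needs an explicit policy for that case.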
To access the software, you can use telnet to connect to localhost, port 32123. Sending the LIST command displays the available commands. Detailed information about the commands is available in the protocol_commands.txt file found in the package.
As for iptables, you need to set up the rules in the INPUT/OUTPUT chains. You can find more information in the scripts/00_only_tcp.sh file. fwdaemon has been tested with the TCP protocol; software developers can contribute towards improving the system by pointing out any bugs they notice, or even by developing a GUI applet.
The author has written fwdaemon as a separate application to meet the need for a Linux runtime firewall. The NFQUEUE target offers the best option for real-time packet management, so you must have it installed on your system together with libnfnetlink, libnetfilter_queue, and glib 2.x.
The recent upgrades include the correction of the NLIF enumeration error. Additionally, a newline has been added to make it easier to identify the end of output command data in the protocol.
Version 0.1.3: N/A