UFWI

• Daemons
  • ufwi-filterd: an authenticating firewall based on netfilter's NFQUEUE target. It allows to write filtering rules based on user identity, in addition to classical network criteria.
  • ufwi-filterd: handles both client authentication, taking decisions on requests sent by the ufwi-filterd daemon to accept packets or not, and sending decision to the ufwi-filterd daemon.
  • ufwi-rpcd: ufwi-rpcd is an object request broker based on Python and Twisted. Each ufwi-rpcd component registers to a server a component name and a list of services. These services can be called through XMLRPC calls. It is used to manage modules and web services, and allow components to call functions from other components in a network-transparent way (it does not matter if the service is located on the local ufwi-rpcd server, or part of another ufwi-rpcd server).
  • ufwi-authd handles both client authentication, taking decisions on requests sent by the ufwi-filterd daemon to accept packets or not, and sending decision to the ufwi-filterd daemon.
• PyQt management tools
  • ufwi-ruleset: ruleset editor/designer (is composed of a PyQt GUI and an ufwi-rpcd component)
  • ufwi-log: displays firewall logs with different kind of charts (is composed of a PyQt GUI and an ufwi-rpcd component)
  • ufwi-rpcc-qt: Code shared by project:ufwi-ruleset and project:ufwi-log (authentication window, PyQt helpers, asynchronous request, keepalive mechanism)

• Name changes
  • daemons
    • project:nufw become ufwi-filterd
    • nuauth become ufwi-filterd
    • nucentral become ufwi-rpcd
  • management tools
    • nuface become ufwi-ruleset
    • nulog become ufwi-log
    • nuconf become ufwi-conf
  • libraries
    • nufw/nubase become ufwi-base
    • nufw/nuconfparser become ufwi-confparser
    • nufw/nussl become ufwi-ssl
    • nufw/clients/libs become ufwi-clientlib

• Links
  • git repositories are available here:
    • Git browser
    • Git via HTTP
    • Git via git protocol using git://vcs-git.duckcorp.org/ufwi/...
  • irc: #ufwi on Libera
  • FAQ

• Old projects:
  • Old nufw GPL extension to Netfilter (that is Linux firewall) adding authentication to filtering rules.
    • NuFW components:
      • nutcpc: UNIX command client client
      • libnuclient: library shared by all client programs
      • nufw: firewall daemon
      • nuauth: authenticating daemon
      • nussl: SSL library wrapping GnuTLS and OpenSSL libraries
      • pam_nufw: PAM script to run nutcpc backward
    • nuauth modules:
      • acls: ldap, plaintext
      • logs: MySQL, Prelude, PostgreSQL, script, syslog, ulogd2
      • authentication: ipauth_guest, MySQL, nnd, PAM, plaintext
      • mark: field, flag, group, uid
      • x509: OCSP, standard (x509_std)
      • other: multi_mode, script, postauth_localuser, session_authtype, session_expire, xml_defs (time durations and periods)
  • Old edw-svn: client-server tools to configure a firewall
  • Old ew4-updates:
    • Firewall: 36 upgrades (numbers 10..48), the developer upgrade (666, enable SSH and debug), 9 special upgrades (9000xxx), a template
    • Multi-Firewall: 2 upgrades (13 and 14)

Download NuFirewall 1.0 beta ISO (MD5: 46c43b70c36328a0fff4ced90b0a8e43).