KWallBuilder
Security
Score 70%
Description:

KWallBuilder is a tool for adding iptable rules based on the responses of the user. It tries to insulate the user from the complexities of creating a linux firewall using the iptables mechanism.

The current version supports rules based on network layer protocol and ports.
It supports TCP,UDP and ICMP protocols.

The application requires root privileges. One approach would be to add an entry in the /etc/sudoers file and run the application through sudo.

While KWallBuilder adds iptable rules, it does not guarantee that the added rules will be sufficient to completely protect the system, more details can be obtained from the application's home page.

Though the rpm provided is for SuSE, it can be used on any distribution. The rpm installs in /opt/kde3/ . The application and the icon can then be copied into the KDE directory for the distribution.

tsarodej

10 years ago

I see this project is dead... I have the source, but it doesn't work anymore on current linux... so if anyone wants it, just tell me where to put it... it would be great if this project continued in development. It helps people to understand how ipchains works.

Report

yetmagellan

10 years ago

P. S. Broken link is "http://www.kde-apps.org/content/download.php?content=32926&id=2"

Report

yetmagellan

10 years ago

That's all subj. Link is broken and there is nothing to say more. (Maybe these are temporary problems?)

Report

yetmagellan

10 years ago

P. S. Broken link is "http://www.kde-apps.org/content/download.php?content=32926&id=2"

Report

gohanz

11 years ago

A SlackWare TGz package with SlackBuild Script is Ready to DownLoad!!!

http://www.slacky.it/

http://www.slacky.it/index.php?option=com_remository&Itemid=1&func=fileinfo&filecatid=884&parent=category

Report

avasaralak

11 years ago

Thanks a bunch.

Report

xep

11 years ago

avasaralak
whi you didn't use "which" program or script to configure
you configure gui useless and poor (sorry)

Report

avasaralak

11 years ago

I appreciate the feedback on the configuration dialog. I felt its need quite late in the development and implemented the neccessary functionality without concentrating any real effort into the aesthetics of the configuration dialog.

I did not use which since it searches through the PATH environment variable looking for the executable. I did not want to assume that iptables and modprobe will always be in path. Hence, I provided for the configuration of the paths.
Maybe I can use which first and if I do not find the executable then I can request the user to configure the path.

Report

xep

11 years ago

ok
that's right

Report

tsarodej

11 years ago

Thanx for the advice - it was really that libipq.h was in /usr/include/libipq/libipq.h so I copied it /usr/include/libipq.h and now it works! Now I just have to find out another problem :-) "Error setting mode for IPV4 interface"

Report

avasaralak

11 years ago

The application requires root privileges to
1)Load the ip_queue module and
2)Invoke the iptable utility.
One approach would be to add the application in the file /etc/sudoers and
run it through sudo kwallbuilder.

Also, please check if the ip_queue module is available (it is usually available).

Report

tsarodej

11 years ago

OK. Now the application is running, embeded in systray. The module ip_queue is loaded, but nothing happens :( I should probably configure the path to iptables or modprobe but where can I find it?

Report

avasaralak

11 years ago

While KWallBuilder is initializing you should have been asked for the paths to iptables and modprobe.
Login as root and issue iptables -L if you see 3 input and 3 output rules with QUEUE that implies that iptables was found and since ip_queue was loaded it would imply that modprobe was found.
If the above is true, try ping yahoo.com.

Can you check for the .kwallbuilder.conf in the home directory ? If it is prsent please delete it and run KWallBuulder again, you should be asked for the paths.
Else, right click on the icon in the system tray and you should see a config option. Config and run KWallBuilder again.

Report

tsarodej

11 years ago

Finally :-) thank you for help. Now it works correctly. I just didn't know that it asks me for path to binary file modprobe and iptables. (/sbin/*). I really like that application. I spent so many hours looking for such software and it didn't exist. Maybe if I could see which application has sent the packet, it would be easier to decide whether to allow or deny it. So, I wish you that the development goes well.

Report

xep

11 years ago

just type full path (with program names) to iptables and modprobe...

/sbin/iptables
/sbin/modprobe
etc.

Report

tsarodej

11 years ago

It's a great Idea!!! Finally someone brougt this idea to linux... but although ./configure is OK, I cannot compile it:

In file included from main.cpp:22:
kwallbuilder.h:40:20: error: libipq.h: No such file or directory
kwallbuilder.h:75: error: 'ipq_handle' has not been declared
kwallbuilder.h:91: error: ISO C++ forbids declaration of 'ipq_handle' with no type
kwallbuilder.h:91: error: expected ';' before '*' token
builderthread.h:52: error: ISO C++ forbids declaration of 'ipq_handle' with no type
builderthread.h:52: error: expected ';' before '*' token
make[2]: *** [main.o] Error 1
...


Whats broken?

(gcc 3.4, Gnu\Linux Etch (testing))

Report

avasaralak

11 years ago

The package iptables-devel is required for compiling the application. It provides the file libip.h.

Report

tsarodej

11 years ago

I installed iptables-dev but make fails again. libipq.h is located in /usr/include/libipq/libipq.h where can I find list of all dependencies? Maybe there's still something missing.

Report

tsarodej

11 years ago

It fails with the same problem like without iptables-dev.

Report

avasaralak

11 years ago

Did you run configure after installing iptables-devel ?
Also, you can either
copy or link libipq into /usr/include or change include path in the code.

Report

juancho

11 years ago

Can you post it another place that uses por 80 and not 9054, so the users that are behind a firewall are able to download it?

Report

avasaralak

11 years ago

I uploaded the rpm to kde-apps.org. It should be available on port 80.

Report

juancho

11 years ago

Nope, the "Source download" still points to www.avasarala.info .

Report

avasaralak

11 years ago

I think only one item can be hosted on the kde-apps site. I uploaded the rpm since it is more convenient to use (since it does not have a lot of dependencies).
I would have to create a file that combines the source archive and the binary rpm to upload both to kde-apps.
I am hosting the files myself on my own website and unfortunately my service provider does not allow incoming requests on port 80.
I can mail the tar.gz to you.
P.S. I cannot access port 9054 either from my work.

Report

juancho

11 years ago

I can't use the rpm as I don't use SuSE. I can host your source tarball if you want.

Report

product-maker 12 36

File (click to download) Version Description Filetype Packagetype License Downloads Date Filesize OCS-Install DL
Details
version
0.1
updated Dec 26 2005
added Dec 24 2005
downloads today
0
page views today 2