KWallBuilder
Security
Description:

KWallBuilder is a tool for adding iptable rules based on the responses of the user. It tries to insulate the user from the complexities of creating a linux firewall using the iptables mechanism.

The current version supports rules based on network layer protocol and ports.
It supports TCP,UDP and ICMP protocols.

The application requires root privileges. One approach would be to add an entry in the /etc/sudoers file and run the application through sudo.

While KWallBuilder adds iptable rules, it does not guarantee that the added rules will be sufficient to completely protect the system, more details can be obtained from the application's home page.

Though the rpm provided is for SuSE, it can be used on any distribution. The rpm installs in /opt/kde3/ . The application and the icon can then be copied into the KDE directory for the distribution.

10 years ago

tsarodej

I see this project is dead... I have the source, but it doesn't work anymore on current linux... so if anyone wants it, just tell me where to put it... it would be great if this project continued in development. It helps people to understand how ipchains works.

Report

10 years ago

yetmagellan

Report

10 years ago

yetmagellan

That's all subj. Link is broken and there is nothing to say more. (Maybe these are temporary problems?)

Report

10 years ago

yetmagellan

Report

11 years ago

gohanz

Report

11 years ago

avasaralak

Thanks a bunch.

Report

11 years ago

xep

avasaralak
whi you didn't use "which" program or script to configure
you configure gui useless and poor (sorry)

Report

11 years ago

avasaralak

I appreciate the feedback on the configuration dialog. I felt its need quite late in the development and implemented the neccessary functionality without concentrating any real effort into the aesthetics of the configuration dialog.

I did not use which since it searches through the PATH environment variable looking for the executable. I did not want to assume that iptables and modprobe will always be in path. Hence, I provided for the configuration of the paths.
Maybe I can use which first and if I do not find the executable then I can request the user to configure the path.

Report

11 years ago

xep

ok
that's right

Report

11 years ago

tsarodej

Thanx for the advice - it was really that libipq.h was in /usr/include/libipq/libipq.h so I copied it /usr/include/libipq.h and now it works! Now I just have to find out another problem :-) "Error setting mode for IPV4 interface"

Report

11 years ago

avasaralak

The application requires root privileges to
1)Load the ip_queue module and
2)Invoke the iptable utility.
One approach would be to add the application in the file /etc/sudoers and
run it through sudo kwallbuilder.

Also, please check if the ip_queue module is available (it is usually available).

Report

11 years ago

tsarodej

OK. Now the application is running, embeded in systray. The module ip_queue is loaded, but nothing happens :( I should probably configure the path to iptables or modprobe but where can I find it?

Report

11 years ago

avasaralak

While KWallBuilder is initializing you should have been asked for the paths to iptables and modprobe.
Login as root and issue iptables -L if you see 3 input and 3 output rules with QUEUE that implies that iptables was found and since ip_queue was loaded it would imply that modprobe was found.
If the above is true, try ping yahoo.com.

Can you check for the .kwallbuilder.conf in the home directory ? If it is prsent please delete it and run KWallBuulder again, you should be asked for the paths.
Else, right click on the icon in the system tray and you should see a config option. Config and run KWallBuilder again.

Report

11 years ago

tsarodej

Finally :-) thank you for help. Now it works correctly. I just didn't know that it asks me for path to binary file modprobe and iptables. (/sbin/*). I really like that application. I spent so many hours looking for such software and it didn't exist. Maybe if I could see which application has sent the packet, it would be easier to decide whether to allow or deny it. So, I wish you that the development goes well.

Report

11 years ago

xep

just type full path (with program names) to iptables and modprobe...

/sbin/iptables
/sbin/modprobe
etc.

Report

11 years ago

tsarodej

It's a great Idea!!! Finally someone brougt this idea to linux... but although ./configure is OK, I cannot compile it:

In file included from main.cpp:22:
kwallbuilder.h:40:20: error: libipq.h: No such file or directory
kwallbuilder.h:75: error: 'ipq_handle' has not been declared
kwallbuilder.h:91: error: ISO C++ forbids declaration of 'ipq_handle' with no type
kwallbuilder.h:91: error: expected ';' before '*' token
builderthread.h:52: error: ISO C++ forbids declaration of 'ipq_handle' with no type
builderthread.h:52: error: expected ';' before '*' token
make[2]: *** [main.o] Error 1
...


Whats broken?

(gcc 3.4, Gnu\Linux Etch (testing))

Report

11 years ago

avasaralak

The package iptables-devel is required for compiling the application. It provides the file libip.h.

Report

11 years ago

tsarodej

I installed iptables-dev but make fails again. libipq.h is located in /usr/include/libipq/libipq.h where can I find list of all dependencies? Maybe there's still something missing.

Report

11 years ago

tsarodej

It fails with the same problem like without iptables-dev.

Report

11 years ago

avasaralak

Did you run configure after installing iptables-devel ?
Also, you can either
copy or link libipq into /usr/include or change include path in the code.

Report

11 years ago

juancho

Can you post it another place that uses por 80 and not 9054, so the users that are behind a firewall are able to download it?

Report

11 years ago

avasaralak

I uploaded the rpm to kde-apps.org. It should be available on port 80.

Report

11 years ago

juancho

Nope, the "Source download" still points to www.avasarala.info .

Report

11 years ago

avasaralak

I think only one item can be hosted on the kde-apps site. I uploaded the rpm since it is more convenient to use (since it does not have a lot of dependencies).
I would have to create a file that combines the source archive and the binary rpm to upload both to kde-apps.
I am hosting the files myself on my own website and unfortunately my service provider does not allow incoming requests on port 80.
I can mail the tar.gz to you.
P.S. I cannot access port 9054 either from my work.

Report

11 years ago

juancho

I can't use the rpm as I don't use SuSE. I can host your source tarball if you want.

Report

Supporters

Recent Donations

Be the first to donate
Filename Version Description Filetype Packagetype License Downloads Date Filesize Install
Score 70%
70.00 Likes
30 Dislikes

0 Supporters for KWallBuilder:

Recent Donations:

Be the first to donate
show all
Details
version
0.1
updated Dec 26 2005
added Dec 24 2005
downloads
page views 186
support avasaralak
For The Product
KWallBuilder
5 - 10 - 25 - 50 - 100 - 200 - 500