Get it while its hot!
Home Firewall software provides a way for schools or even parents to set up a basic firewall using Linux Iptables. And it provides a way for instructors or parents to add allowed sites dynamically.
This tool is for those who want a mostly pre-configured firewall, that is specific to the needs of education or anyone trying to guide end-users to specific areas of the Internet. Home Firewall avoids the complexity of learning Linux Iptables.
When I think of a mostly configured firewall as I state above I mean that there will be no further setup after installation. Although it may very well be necessary to add many web site domain names to the system for home-firewall to function as you wish.
There are now only two basic user input forms needed for Home Firewall.
- Form one allows a trusted user to add allowed domains to the firewall system. These will be available with in one minute after being submited to the form.
- Form two will allow a trusted user (not necessarily the same user as above) to open up the firewall for teachers/parents research. Or perhaps as a reward for the students.
There are many things going on behind the scenes in Home Firewall. Much of it is taken care of
through use of the Linux cron utility. At intervals of each minute the system
looks for user input (from the two forms discussed above). Also several times during
each day the system is maintained and optimized. One way of opitimizing the system is
to consolidate overlaping domain masks, this allows one firewall entry to cover several domains.
The use of the cron utility allows for a more secure and orderly system overall.
More information coming soon. (check back often)
Features:
- Intended destination domains are maintained in a MySQL database.
- Web interface allows 'super users' to add destination domains. As destinations are added they are available within one minute after being submitted.
- IP tables are updated nightly to reflect additions and to optimize the tables.
- Full internet access can be granted at any time. The limited domain forwarding will resume at the next refresh cycle.
- Full internet access can be granted during certain hours of the day or week.
Yours,
ChamTech dot Net
RIGHT RAIL
my fire wall list of ops' (other people's) fire walls
Stuff that was added to the rc.firewall script
MySQL tables needed to maintain 'whitelist file'
Listing of cron entries with cron scripts.
For the ultra curious: a list of some sites already in my system.
some php code for updating the database and stuff
Ok, ok, ok. This stuff needs work before the casual user will want to use it. I'll be working on it, perhaps I can recruit some help.
