Linux Application Firewall
Linux Application Firewall (LAF) is an application firewall for Linux. It allows users full control over which applications are allowed to communicate over the network.
LAF requires libnetfilter-queue, its dependency libnfnetlink, and kernel 2.6.14 or later.
sudo apt-get install libnfnetlink-dev libnetfilter-queue-dev
Build using meson:
meson build
ninja -C build
Run the clang static analyser:
sudo apt install clang-tools # Installs clang's scan-build.
ninja -C build scan-build
Create an iptables rule:
sudo iptables -A OUTPUT -p all -j NFQUEUE --queue-num 0
Add entries to the whitelist.txt file as follows:
<destination_ip> <port>
<destination_ip> <port>
* can be used for either field as an allow all.
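The sketch below is an added example, not LAF's own code: it shows one way to parse and match the whitelist format described above. The names (wl_entry, wl_parse_line, wl_load, wl_allows) are hypothetical, and it assumes whitespace-separated fields, ports in the range 1-65535, malformed lines being skipped, and anything not matched being denied.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define WL_ANY_PORT (-1)                     /* "*" in the port field */
struct wl_entry { char ip[64]; int port; };  /* ip "*" matches any destination */

/* Parse one "<destination_ip> <port>" line; returns 1 if well-formed, else 0. */
static int wl_parse_line(const char *line, struct wl_entry *out)
{
    char port[8], extra[2], *end;
    if (sscanf(line, "%63s %7s %1s", out->ip, port, extra) != 2) return 0;
    if (strcmp(port, "*") == 0) { out->port = WL_ANY_PORT; return 1; }
    long p = strtol(port, &end, 10);
    out->port = (int)p;
    return *end == '\0' && p >= 1 && p <= 65535;   /* rejects "80x", "70000", "-1" */
}

/* Load entries from whitelist text, skipping malformed lines; returns the count. */
static size_t wl_load(const char *text, struct wl_entry *out, size_t max)
{
    size_t n = 0;
    for (size_t len; *text && n < max; text += len + (text[len] == '\n')) {
        char line[128];
        len = strcspn(text, "\n");
        snprintf(line, sizeof line, "%.*s", (int)len, text);
        if (len < sizeof line && wl_parse_line(line, &out[n])) n++;
    }
    return n;
}

/* Default deny: a destination is allowed only if one entry matches both fields. */
static int wl_allows(const struct wl_entry *e, size_t n, const char *ip, int port)
{
    for (size_t i = 0; i < n; i++)
        if ((!strcmp(e[i].ip, "*") || !strcmp(e[i].ip, ip)) &&
            (e[i].port == WL_ANY_PORT || e[i].port == port))
            return 1;
    return 0;
}

/* Constructed sample whitelist (documentation addresses); the last line is malformed. */
static const char SAMPLE[] = "192.0.2.10 443\n* 53\n198.51.100.7 *\n192.0.2.10 80x\n";
int main(void)
{
    struct wl_entry wl[8];
    size_t n = wl_load(SAMPLE, wl, 8);
    printf("%zu entries, 192.0.2.10:80 allowed=%d\n", n, wl_allows(wl, n, "192.0.2.10", 80));
    return 0;
}
```

Note that a "* *" entry matches every destination, so a whitelist containing it no longer restricts anything.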
If you are a C or a Python developer you can help us improve LAF. Feel free to take a look at the bug tracker for some tasks to do.
LAF is licensed under the GPLv3 license. See LICENSE for more information.