JWALL
About
JWall is a gui-based client to manage one or more firewalls,
particularly in large, complex environments. Security policies
are easy to build, view and audit, as well as common tasks normally
done on the remote firewall. JWall is written in Java to allow
for clients on multiple platforms. Initially this is designed and
tested on *nix-based clients. Windows support for remote firewall
management is not on the short list of objectives, but all the other
features should work. The firewalls themselves only require Linux
with iptables support, and SSHD running; no Java, no gui.
Status
JWall is currently pretty functional, and can generate local iptables
scripts that you have to copy and execute on the remote firewalls
yourself. There is some basic usage documentation,
and support available via a support
mailing list. Keep in mind though, this is really a
developers release.
Usage
There is a download
available from Sourceforge. It includes both source, and compiled
binaries. To run binaries:
For *nix:
Download and save the .tgz file.
Type the following:
# tar -zxvf
jwall-<version>.tgz
# cd jwall
# ./runJWall.sh
For
Windows:
Download and save the .tgz file.
Unzip the file with WinZip or similar.
Edit the line that starts with "set BASE_DIR=" in the runJWall.bat file.
run JWall by double-clicking the runJWall.bat script
To
download and build from CVS:
# mkdir jwall
# cd jwall
# cvs
-d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/jwall login
# cvs -z3
-d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/jwall co jwall
# ant jar
You can then run the new jar like above
# java -jar bin/jwall.jar &
or use the runJWall scripts
Contribute
For anyone that wants to contribute to JWall, we need Java developers,
security engineers and testers. Please email Zack if you are interested
in participating, and what sort of skill set you have.
Future
JWall will expand in a few directions. First, we will add more
capabilties in the policies. This would be to handle types of
firewalls other than IPTables, and IPv6, for example. Also, JWall
will expand in the types of applications it can configure and control,
like FreeS/WAN (VPN), Snort (IDS), and all sorts of other applications
that might be useful for security engineers.