JWall is a gui-based client to manage one or more firewalls, particularly in large, complex environments.  Security policies are easy to build, view and audit, as well as common tasks normally done on the remote firewall.  JWall is written in Java to allow for clients on multiple platforms.  Initially this is designed and tested on *nix-based clients.  Windows support for remote firewall management is not on the short list of objectives, but all the other features should work.  The firewalls themselves only require Linux with iptables support, and SSHD running; no Java, no gui.


JWall is currently pretty functional, and can generate local iptables scripts that you have to copy and execute on the remote firewalls yourself.  There is some basic usage documentation, and support available via a support mailing list.  Keep in mind though, this is really a developers release.


There is a download available from Sourceforge.  It includes both source, and compiled binaries.  To run binaries:

For *nix:
Download and save the .tgz file. 
Type the following:
# tar -zxvf jwall-<version>.tgz
# cd jwall

# ./runJWall.sh

For Windows:
Download and save the .tgz file.
Unzip the file with WinZip or similar.
Edit the line that starts with "set BASE_DIR=" in the runJWall.bat file.
run JWall by double-clicking the runJWall.bat script

To download and build from CVS:
# mkdir jwall
# cd jwall
# cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/jwall login
# cvs -z3 -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/jwall co jwall
# ant jar

You can then run the new jar like above
# java -jar bin/jwall.jar &
or use the runJWall scripts


For anyone that wants to contribute to JWall, we need Java developers, security engineers and testers.  Please email Zack if you are interested in participating, and what sort of skill set you have.


JWall will expand in a few directions.  First, we will add more capabilties in the policies.  This would be to handle types of firewalls other than IPTables, and IPv6, for example.  Also, JWall will expand in the types of applications it can configure and control, like FreeS/WAN (VPN), Snort (IDS), and all sorts of other applications that might be useful for security engineers.

home | feautures | screenshots | documentation | contact | summary | mailing lists | tasks |cvs

for questions and/or comments on this web site, contact webmaster

The JWall project would like to thank SourceForge.net Logo for their support