# Building a firewall from scratch



## kaidranzer (Jun 30, 2011)

Hi Guys! I am trying to develop a firewall from scratch in a Linux environment using C. Actually it's more of a Unified Threat Management system. I need some help in deciding which features to include, like antispam, content filtering, vulnerability analyzing, etc. I have exactly 1 year to complete this project, so please suggest which features can be coded completely in time.

I also need help in getting started. Actually I have broken the process of development into 4 stages, namely:

1. Capture the packet (using libcap)
2. Break the packet into headers and data (using libpcap)
3. Analyze the headers and data and make a decision
4. ACCEPT or DROP the packet (using netfilter in Linux)

It's the third step that will depend on the features which are included in the project. I plan to code using the UNIX Socket API.

Please help me out here in getting started. 

Thanks in advance
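Stages 2 and 3 of the plan above, sketched in C as an added example that is not part of the original post: it splits an IPv4 packet held in a byte buffer into header fields with bounds checks, then matches them against a first-match rule table that drops by default. The struct names, the rule format and the sample packet are assumptions made for illustration; in the poster's plan the buffer would come from the capture stage and the verdict would go to netfilter.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum verdict { VERDICT_DROP = 0, VERDICT_ACCEPT = 1 };
struct flow { uint8_t proto; uint32_t src, dst; uint16_t sport, dport; };
struct rule { uint8_t proto; uint16_t dport; enum verdict action; }; /* 0 = any */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Stage 2: parse IPv4 fields; -1 if malformed, truncated or a later fragment. */
int parse_ipv4(const uint8_t *pkt, size_t len, struct flow *f)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;      /* header length in bytes */
    size_t total = rd16(pkt + 2);                  /* length claimed by sender */
    if (ihl < 20 || total < ihl || total > len) return -1;
    if (rd16(pkt + 6) & 0x1fff) return -1;         /* fragment offset != 0: no L4 header */
    f->proto = pkt[9]; f->sport = f->dport = 0;
    f->src = rd32(pkt + 12); f->dst = rd32(pkt + 16);
    if (f->proto == 6 || f->proto == 17) {         /* TCP or UDP */
        if (total < ihl + 4) return -1;            /* ports cut off */
        f->sport = rd16(pkt + ihl);
        f->dport = rd16(pkt + ihl + 2);
    }
    return 0;
}

/* Stage 3: first matching rule wins; unparseable or unmatched packets drop. */
enum verdict decide(const uint8_t *pkt, size_t len, const struct rule *r, size_t n)
{
    struct flow f;
    if (parse_ipv4(pkt, len, &f) != 0) return VERDICT_DROP;
    for (size_t i = 0; i < n; i++)
        if ((!r[i].proto || r[i].proto == f.proto) && (!r[i].dport || r[i].dport == f.dport))
            return r[i].action;
    return VERDICT_DROP;
}

/* Constructed sample: TCP 192.0.2.1:40000 -> 198.51.100.7:443 (checksum unset) */
static const uint8_t SAMPLE[24] = { 0x45,0,0,24, 0,0,0x40,0, 64,6,0,0,
    192,0,2,1, 198,51,100,7, 0x9c,0x40, 0x01,0xbb };
static const struct rule RULES[] = { {6, 443, VERDICT_ACCEPT}, {17, 53, VERDICT_ACCEPT} };

int main(void)
{
    puts(decide(SAMPLE, sizeof SAMPLE, RULES, 2) == VERDICT_ACCEPT ? "ACCEPT" : "DROP");
    return 0;
}
```

The parser trusts neither the header-length nibble nor the total-length field until both fit inside the captured buffer, and any parse failure results in a drop.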


----------



## Garbage (Jun 30, 2011)

It seems that you have made up your mind to develop a packet filtering firewall. But if you don't know about other types of firewalls, I would recommend reading - Firewall (computing) - Wikipedia, the free encyclopedia

Secondly, you can look at some of the open source firewall / threat management systems such as
pfSense Open Source Firewall Distribution - Home
Express Open Source Firewall Project


----------



## kaidranzer (Jun 30, 2011)

Yes, packet filtering is what I plan but what I am thinking of doing is breaking a packet into headers and data. Header analysis will be the "packet-filtering firewall" kind of thing and analyzing the data would be an "application-layer firewall" kind of thing.

I need to know whether I am on the right track.


----------



## Garbage (Jul 1, 2011)

^^ IMO, as soon as you start looking at packets, you have a packet filtering firewall. Building an application layer firewall should be inherently different than building a packet filtering firewall.

BTW, here is some code which you can look at before you start writing yours.

Express Open Source Firewall Project » Sources
*rcs.pfsense.org/projects/pfsense // *github.com/bsdperimeter/pfsense


----------

