Anonymous User
Basic personal firewall
December 18, 2010 11:19AM
Peerblock filter is really fast compared to any personal firewall I've used, but currently it works (I think) completely at kernel level without the ability to ask the user what to do with a connection.

It would be nice to start from the peerblock driver to make a simple personal firewall, starting it as a service and letting the user make rules on the fly and integrate the lists into rules:

When a connection (or a packet; if it is possible to make the firewall "stateful" that would be nice) is received, a list of rules may be checked (application, source/destination IP, source/destination port, and of course whether the IP is in the blacklist based on current lists). If a matching rule is found, then the rule actions can be Allow, Deny, Ask.
If the action is ASK or a matching rule is not found, then if a user is logged in, a dialog could allow the user to Allow or Deny the connection, or to make a permanent rule by letting the user specify all the criteria he wants, so not just a quick "allow all" for the application. If the user is AFK, the dialog should keep just the current connection waiting and not block other active or future connections. If the user is not logged in, a "default" action may be executed (i.e. allow any non-explicitly denied connection, or block any non-explicitly allowed connection).

This feature, by letting the user configure all the new options and whitelist applications or ports, would also cover the "allow HTTP" request, since a rule for port tcp/80 may allow HTTP, and many other feature requests I've seen there.

This is a big work, but this may become the first open source personal firewall for Windows!
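As an added illustration of the rule matching sketched above (example code written here, not PeerBlock's own code), a small Python model: the blacklist is kept as sorted IP ranges and searched by binary search, each rule sets only the criteria it cares about, the first matching rule wins, and "ask" falls back to a configurable default when nobody is logged in. The range values, rule fields and connection dictionary layout are constructed for the example.

```python
import bisect
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Optional

# Constructed blacklist as (start, end) integer ranges, sorted and non-overlapping.
# Matching against ranges is what keeps the lookup fast, instead of one entry per address.
BLACKLIST_RANGES = sorted([
    (int(IPv4Address("203.0.113.0")), int(IPv4Address("203.0.113.255"))),
    (int(IPv4Address("198.51.100.0")), int(IPv4Address("198.51.100.127"))),
])
RANGE_STARTS = [start for start, _ in BLACKLIST_RANGES]

def in_blacklist(ip: str) -> bool:
    """Binary-search the sorted ranges: O(log n) per packet regardless of list size."""
    n = int(IPv4Address(ip))
    i = bisect.bisect_right(RANGE_STARTS, n) - 1
    return i >= 0 and BLACKLIST_RANGES[i][0] <= n <= BLACKLIST_RANGES[i][1]

@dataclass
class Rule:
    action: str                         # "allow", "deny" or "ask"
    app: Optional[str] = None           # None means "any" for every criterion below
    dst_ip: Optional[str] = None
    dst_port: Optional[int] = None
    blacklisted: Optional[bool] = None  # True/False restricts to (non-)listed destinations

def matches(rule: Rule, conn: dict) -> bool:
    """A rule matches when every criterion it sets agrees with the connection."""
    return (
        (rule.app is None or rule.app == conn["app"])
        and (rule.dst_ip is None or rule.dst_ip == conn["dst_ip"])
        and (rule.dst_port is None or rule.dst_port == conn["dst_port"])
        and (rule.blacklisted is None or rule.blacklisted == in_blacklist(conn["dst_ip"]))
    )

def decide(conn: dict, rules: list, user_logged_in: bool, default: str = "deny") -> str:
    """First matching rule wins. "ask" (or no match at all) prompts a logged-in user;
    with nobody logged in the configured default action applies instead."""
    action = "ask"
    for rule in rules:
        if matches(rule, conn):
            action = rule.action
            break
    if action == "ask" and not user_logged_in:
        return default
    return action
```

A rule set in the spirit of the post would be `[Rule("deny", blacklisted=True), Rule("allow", dst_port=80), Rule("ask")]`: listed destinations are dropped before the port rule can allow them, and everything else prompts.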
Anonymous User
Re: Basic personal firewall
January 09, 2011 05:12PM
Idea is great! I registered just to put a second vote on this one :)
No need for fancy windows and styles. Just a txt-editable black/white list, a simple txt rules script.

And good help explaining common ports, IPs, etc. in one place.
Re: Basic personal firewall
January 10, 2011 01:52AM
The reason that it works so fast is because of IP ranges. If it had to go through a list of every single IP it blocked, it would take forever. The idea of asking if you want to block something already placed on the list seems a little beside the point. Entities are placed on the list based on their intrusive behavior. The idea of allowing them past should be done with incredible scrutiny. If it were to ask you about every IP on a given list, it would take you about 32 years (rounding up) at one click per second every hour of every day. So add 32 years to your life, tell us all how old you'd be, and then reconsider.

For those curious as to how I broke it down, get a calculator.
Divide this number (100184361 current default IPs) by 60, then by 60 again, then by 24, then by 365.
At current default lists (31.768252600202942668696093353628) this is the time in years. (Because the number after the . is greater than 5, the idea is to round up...)