Re: [Announce] genwall a simple iptables firewall
 

Next releases 1.0.7 and 1.0.8 will have some import function for the domain filter so you can add some file with advertising domains (ads blocker).

changelog genwall (1.0.8)

* added progressbar check double hosts
* reactivated password check
* file permission set to 754

changelog genwall (1.0.7)

* load host list from internet
* file error fixes
* changed ssh tab

The new button "load file" will bring you to the download and import function.

The download button will download the specified file to the specified location.

When you import files with the button "Load and append to list" all lines in the files starting with 0.0.0.0 will get imported/append to the listwidget. So you can already have some items in the listwidget and you can also import different files after another.

You get also asked for checking double entries but this can take a while.

Re: [Announce] genwall a simple iptables firewall
 

Hi,

in the last version 1.0.9 I included a setup page for a bt pan connection.

Prerequirements for pan:
[N900]
/etc/bluetooth/main.conf
comment out: DisablePlugins =network,input,hal

Here some instruction how to use it for:

Linux BT

Connect a (old) linux system with bt pan:

- [PC] make the adapter visible
- [N900] in the normal bluetooth setup switch on bt and make the adapter visible. Furthermore make a new trusted device and choose the pc. Now they should be paired.

- [PC] if you don't know the bt-mac address from N900 you can look for example with this command
-[PC] connect with pand to N900 mac address
-[N900] in genwall go to route->BT tab and save you ips and choose dnsmasq only lan. Now you can push the start button.

-[PC] bring device up and get ip address
Now you have a normal network up.


Connect a (new) linux system with bt pan:

- [PC] make the adapter visible
- [N900] switch on bluetooth and make it discoverable

- [PC] pair with your N900 by add a new device

- [PC] run bluez script with the mac from N900
- [N900] in genwall go to route->BT tab and save you ips and choose dnsmasq only lan. Now you can push the start button.

- [PC] if the device is not up bring device up and get an ip address

In case you want forward internet from pc to phone

[PC] avtivate forwarding
old
new
[PC] activate masquerade source is the bt pan Network
[N900] go to route->Gate tab and add the bt pan ip from PC as a new gateway.


In case you want forward internet from N900 to PC

-[N900] before you push the start button select dnsmasq forward

your N900 should have proper internet connection and a bt pan connection
- [PC] set a default route to ip from N900 bnep0 device
- [N900] genwall
{local-basics}
1.:select wan device gprs/usb/wlan
2. I would "accept connection from local machine"... makes live easier
3. If you want to connect from pc->N900 without openning ports. I would also recommend to "Accept connection from local lan".

{for/out}
4. activate forwarding and set lan device to bnep
5. Masquerade wan device should be active
6. If you like to connect for example from wifi to ssh from the pc you can forward the port to the ip address from pc bnep0 device.
Use for ssh the ip from n900 wifi/usb/gprs and it will automatic connect to the pc.
{local-basics}
7.gen rules
8. push the start button

Re: [Announce] genwall a simple iptables firewall
 

Here a quick tutorial for:

Windows BT

Prerequirements for pan:
[N900]
/etc/bluetooth/main.conf
comment out: DisablePlugins =network,input,hal

Here some instruction how to use it:

Connect a windows system with bt pan:

- [N900] switch on bluetooth and make it discoverable

- [PC] right click bt icon join a personal network
- [PC] add device and pair N900
- [PC] right click on N900 and make a connection as access point
- [N900] genwall go to route->BT tab and save you ips and choose dnsmasq only lan. Now you can push the start button.


In case you want forward internet from N900 to PC

-[N900] before you push the start button to make a bt pan connection select dnsmasq forward

your N900 should have proper internet connection and a bt pan connection

- [N900] genwall
{local-basics}
1.:select wan device gprs/usb/wlan
2. I would "accept connection from local machine"... makes live easier
3. If you want to connect from pc->N900 without openning ports. I would also recommend to "Accept connection from local lan".

{for/out}
4. activate forwarding and set lan device to bnep
5. Masquerade wan device should be active

{local-basics}
6.gen rules
7. push the start button

In case you want forward internet from pc to phone

in windows 7 the bt stack doesn't support ICS for BT PAN.
Look for the Toshiba stack.

Re: [Announce] genwall a simple iptables firewall
 

Thanks for the tutorials I would consider sticking them over on wiki.maemo.org so they don't get lost in the thread.

Re: [Announce] genwall a simple iptables firewall
 

Or even better (or.also) in a help page inside the UI?

Re: [Announce] genwall a simple iptables firewall
 

You are welcome. First I linked it to the thread starter post and I could also make a link on this wikipage.

Hmm this is a nice idea, I will think about it. However you can do so much with this tool,
only a very well structured help in a nutshell would be really helpful.

Re: [Announce] genwall a simple iptables firewall
 

New version out 1.1.2

* added help system
* removed unset forward script bug (please delete the iptable scripts in /home/user/.genwall/ firestop.sh and firestart.sh.
If you like you can also use the "delete genwall user data and exit" button. Be aware because then all files in /home/user/.genwall gets deleted).

* added load file for black list in (not recommended when generate script for N900) as blacklist you should use only a couple of ips or better add subnetworks which are used from attackers).

Now I found out how to do and it should be a clean source package. Took a really long time...because I was happy to get something to build in autobuilder not thinking to much about it.
QtCreator Windows is not the best thing to use and some tutorials or posts telling you not the full story and some hacks are not clean.
The best source was the wiki page from maemo.

The new help system uses html files. Next days I will release some help files. I will not include help files in the package. They need to be manually added to following folder "/home/user/.genwall/help".

Doing it like this way it is possible to write own help files or make notes to them for other systems or configurations. And they will not get replaced when updating to a new genwall version.
You can also copy them to another Computer for reading.

At the route->about tab a help button resides. After pushing this button a qlistwidget get filled with all html files in the help folder.
There is only one thing you should know, do not use white spaces in the names. You should do like this: "My_First_Help.html".

After a double click on an entry a new window with the help gets created. You can switch between the help and genwall app with the quick buttons (go back / help). When minimizing you can also switch to other windows.

You are welcome to contribute your own help files.

Re: [Announce] genwall a simple iptables firewall
 

Released genwall help v1.0,

still it is not complete but a good start.

• Download genwall_help_v1.0.tar.gz from first post.
• Extract the archive genwall_help_vx.x.tar.gz to /home/user/.genwall/

How to use the help see the post above.

Re: [Announce] genwall a simple iptables firewall
 

New genwall for the N9(50)!

Downloadable from first post (genwall_1.0.2_N950.deb)

Requirements

• kernel with nat support
• developer mode

How to start...open a terminal:

If you had an older version installed please go to local->settings and push the button "delete genwall user data and exit"
Now you can start genwall again.

Re: [Announce] genwall a simple iptables firewall
 

@halftux
brilliant! :)
(what about openrepos.net ?)