
maemo.org - Talk (https://talk.maemo.org/index.php)
-   Applications (https://talk.maemo.org/forumdisplay.php?f=41)
-   -   [Announce] genwall a simple iptables firewall (https://talk.maemo.org/showthread.php?t=85444)

peterleinchen 2014-02-04 20:21

Re: [Announce] genwall a simple iptables firewall
 
@halftux
Just checked again after getting the update from yesterday and now I do have the png and the desktop file :D (only added to latest version?)
And thanks for the revising work in advance. If you need help/advice/suggestions, we are here...

Halftux 2014-02-04 21:50

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by peterleinchen (Post 1410968)
@halftux
Just checked again after getting the update from yesterday and now I do have the png and the desktop file :D (only added to latest version?)

The desktop file should be there since the first release (1.0.0) which was uploaded to extras. For the first release the desktop file was using sudser. This was no longer needed for the upcoming versions because I added a script for the desktop file.

It could be that in version 1.0.2 the desktop file got removed because of a mistake in creating the dsc/tar.gz file. I copied old sources and forgot to change some pro file which was pointing to another directory. But my deb file which I compiled on my local machine had a desktop file every time. For further releases and the future I will use the deb from extras to see if everything is alright.

Quote:

Originally Posted by peterleinchen (Post 1410968)
And thanks for the revising work in advance. If you need help/advice/suggestions, we are here...

Thank you, I really appreciate the help from the community. And I am thankful for every hint or comment for improvements. I am willing to make it more perfect and to make it maemo/linux conform.

However I am not a professional and I don't know everything. But I learned many things by reading in this forum thanks to all people who are posting information, explanations and give helpful answers.

And sorry that there is no good documentation for my application. I think for some people it is not easy to use and to find all necessary options to make the desired configuration. For me it is easy and self-explanatory due to the fact that I created the gui.
I hope I will find the time to create some example scenarios with explanations.

Also if someone has a problem with some scenario he can ask here and I will try to help or write a small step by step tutorial.

@disappear
I am sorry that I did not answer your question about iptables, but as far as I know your problem cannot be solved with iptables. It has to be done with filtering some dns inquiries.
However I don't know how to do it with N900. But it is still on my todo list:)

Halftux 2014-02-06 11:31

Re: [Announce] genwall a simple iptables firewall
 
New update out now!

1.0.4
- removed rootsh and gainroot
- added genwall.sudoers
- added reboot checkbox to save and load function
- added iptables boot rules file indicator
- added dialog when deleting user data


I have found an interesting bug. I don't know what causes this, but on my N900 with power kernel v52 and cssu 21.2011.38-1Tmaemo8.3, when the firewall is running I can't hear the ringtone when I get a call. It looks like nothing gets blocked by the firewall.

Without cssu and kernel v51 there is everything fine. I will update cssu and will see if this is still a problem.

So please try to call yourself and check, otherwise it could be that you will miss an important call.

Halftux 2014-02-06 23:32

Re: [Announce] genwall a simple iptables firewall
 
I am really sorry but it seems that in my sudoers.d folder is something which allows everything. That is why for me 1.0.4 runs with the desktop file.
I will correct the genwall.sudoers that it will run on every system.
So 1.0.5 is on the way.

mr_pingu 2014-02-26 13:37

Re: [Announce] genwall a simple iptables firewall
 
It doesn't start from desktop here

Opening as root with run-standalone.sh /opt/genwall/genwall & running as normal user works.

However the desktop file doesn't work. I am on version 1.0.5.

Halftux 2014-02-26 17:41

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by mr_pingu (Post 1414431)
It doesn't start from desktop here

Opening as root with run-standalone.sh /opt/genwall/genwall & running as normal user works.

However the desktop file doesn't work. I am on version 1.0.5.

You can compare:

/etc/sudoers.d/genwall.sudoers

Quote:

user ALL = NOPASSWD: /usr/bin/run-standalone.sh /opt/genwall/genwall
user ALL = NOPASSWD: /usr/bin/run-standalone.sh genwall

/usr/share/applications/hildon/genwall.desktop should contain:

Quote:

Exec=sudo run-standalone.sh /opt/genwall/genwall

When this is the case maybe the postinstall script was not working fine. You can try to run "update-sudoers" in the console and try the desktop file again.

Did you update an old version or was this a new installation?
I am wondering if somebody else ran into this problem with version 1.0.5.

mr_pingu 2014-03-07 09:17

Re: [Announce] genwall a simple iptables firewall
 
Looks the Same:

Nokia-N900:~# cat /etc/sudoers.d/genwall.sudoers
user ALL = NOPASSWD: /usr/bin/run-standalone.sh /opt/genwall/genwall
user ALL = NOPASSWD: /usr/bin/run-standalone.sh genwall
Nokia-N900:~# cat /usr/share/applications/hildon/genwall.desktop
[Desktop Entry]
Encoding=UTF-8
Version=1.0
Type=Application
Terminal=false
Name=Genwall
Exec=sudo run-standalone.sh /opt/genwall/genwall
Icon=genwall
X-Window-Icon=genwall
X-HildonDesk-ShowInToolbar=true
X-Osso-Type=application/x-executable
Nokia-N900:~#

Also it's a new install. Starting from the commandline just works

Halftux 2014-03-07 13:31

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Starting from the commandline just works

That means sudser.d is working for genwall when you start it from the command line with sudo. But I don't know what causes the problem with the desktop link.
I have two N900 and on both it is working. I am using both daily and can't flash them to have stock conditions.


On the N900 which comes nearest to stock:

- no sudser
- no rootsh
- has mad-developer
- has openssh
- and has some other packages

It is working.

Does somebody else have the same problem that the desktop link is not working?

When I find a cheap N900 I will buy another one only for development.

peterleinchen 2014-03-07 19:05

Re: [Announce] genwall a simple iptables firewall
 
I do have no problems.

@mr_pingu
What does
cat /etc/sudoers | grep genwall
say?

Starting from commandline also works as plain user.
But I am not sure whether it will work correctly?
@halftux
What about setting file permissions to 754 (instead of 755)? Just in case the above is true and starting as user works but will not work as expected...

Halftux 2014-03-10 10:43

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by peterleinchen (Post 1415837)
I do have no problems.

Good I thought with my N900 is something wrong.

Quote:

Originally Posted by peterleinchen (Post 1415837)
Starting from commandline also works as plain user.
But I am not sure whether it will work correctly?
@halftux
What about setting file permissions to 754 (instead of 755)? Just in case the above is true and starting as user works but will not work as expected...

Yeah, for the future I can change the file permission. However when you start it as user the password routine in my application will fail and will exit the program immediately. So in principle there is no chance to see the genwall main widgets as user without root rights (sudo); at this point they are not even created. You can see only the password dialog for some milliseconds.
I think I will add an error message.

mr_pingu 2014-03-10 13:28

Re: [Announce] genwall a simple iptables firewall
 
I removed the sudo in front of the desktop file and it works like it should ;)

Nokia-N900:~# cat /etc/sudoers | grep genwall
user ALL = NOPASSWD: /usr/bin/run-standalone.sh /opt/genwall/genwall
user ALL = NOPASSWD: /usr/bin/run-standalone.sh genwall

I guess the implementation of sudo in front of the desktop file requires sudser. I only have rootsh but I do NOT have sudser. AFAIK, madde also gives you root access, not sure about this though. Also your application asks for root/superuser access after it is launched (that password prompt). And at that moment it gets its rights, right???

So now it's launched as normal user and it does show the dialog more than milliseconds and it even allows me to get into the main application after entering the right root-password. Hope this will get you any further.

Will report back what happens if I install sudser and place sudo back in the desktop file

Halftux 2014-03-10 14:00

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by mr_pingu (Post 1416070)
I removed the sudo in front of the desktop file and it works like it should ;)

Interesting good that you solved your problem.

Quote:

Originally Posted by mr_pingu (Post 1416070)
Also your application asks for root/superuser access after it is launched (that password prompt). And at that moment it gets its rights, right???

This password prompt is only there that nobody can use this program unless he knows the root password. It will not give you su rights. In principle it reads the encrypted password from the linux file and this can only be done when you start genwall with root rights. I think so... I will look into it.


Quote:

Originally Posted by mr_pingu (Post 1416070)
So now it's launched as normal user and it does show the dialog more than milliseconds and it even allows me to get into the main application after entering the right root-password. Hope this will get you any further.

This means your desktop file and the sudser.d seems to work together and you get root rights as normal user when you start genwall.

Quote:

Originally Posted by mr_pingu (Post 1416070)
Will report back what happens if I install sudser and place sudo back in the desktop file

Okay, but after your try I would suggest to remove sudser again.
Sudser is creating a file in sudser.d that will grant super user rights for everything you are launching.

peterleinchen 2014-03-10 21:26

Re: [Announce] genwall a simple iptables firewall
 
Hmm, strange.

As said starting genwall as user works (passwd prompt stays until root pass entered and then runs), no sudo needed to start your app.

sudser has nothing to do with sudo in desktop file (afaik and experienced).
(what does 'sudo run-standalone.sh /opt/genwall/genwall' in x-term tell?) Output of sudoer looks correct. So something on your N900 goes berserk? :)
sudser may create /etc/sudoers.d/everybody.sudoers, but also in 01sudo you may find 'user all=nopasswd: all' (which I commented out after finding out and adding 'defaults targetpw').


/etc/passwd is readable by user, so genwall may read it without root rights.

and the GUI does/should not run as root, but only parts (outsourced as scripts) where root is needed. Just suggesting here ...

mr_pingu 2014-03-10 22:39

Re: [Announce] genwall a simple iptables firewall
 
~ $ sudo run-standalone.sh /opt/genwall/genwall
Password:
Sorry, try again.
Password:
sudo: 1 incorrect password attempt
~ $ Root
Nokia-N900:~# passwd user
Changing password for user
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
New password:
Re-enter new password:
Password changed.
Nokia-N900:~# exit
~ $ sudo run-standalone.sh /opt/genwall/genwall
Password:
Sorry, user user is not allowed to execute '/usr/bin/run-standalone.sh /opt/genwall/genwall' as root on Nokia-N900
Nokia-N900:~# root
Nokia-N900:~# apt-get install sudser
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libruby1.8
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed:
sudser
0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded.
Need to get 6670B of archives.
After this operation, 36,9kB of additional disk space will be used.
Get:1 http://repository.maemo.org fremantle-1.3/free sudser 0.2.0-4 [6670B]
Fetched 6670B in 7s (876B/s)
Selecting previously deselected package sudser.
(Reading database ... 40022 files and directories currently installed.)
Unpacking sudser (from .../sudser_0.2.0-4_all.deb) ...
Setting up sudser (0.2.0-4) ...
Password changed.
Now 'user' needs no password for sudo
If you need to log in via SSH as user,
you will have to set user password again
by running 'passwd user' as root
Please read and close the popup dialog
Nokia-N900:~# exit
~ $ sudo run-standalone.sh /opt/genwall/genwall





Edit: crucial part I forgot: The password that is needed is not known, as it doesn't accept my root password, so I set up a user passwd as I hadn't done that before. Still no luck. Then I installed sudser: It runs, so for the sudo command sudser IS needed, just what I thought... And I don't like that, for the same reason halftux warned me here above

This proves that the whole sudo in front of the command is useless as the GUI should run as user but the actual iptables commands should be run as root, of course. Like Peterleinchen said ^^^ But I believe that's already done for a part if not for more. (Haven't looked at the sources)

peterleinchen 2014-03-10 23:02

Re: [Announce] genwall a simple iptables firewall
 
Reading only first parts of your answer it came to my mind immediately.
I changed the pw behaviour to accept only root password (Defaults targetpw) as I did not like the ubuntu way of asking for user pw to run programs as root. So of course genwall could not be started as user with sudo, as user missed a passwd (as it is default on Maemo).
Sorry.
But again it has nothing to do with sudser. Just use bb-bower (or install adduser) and give user a password (something sudser does).
Btw, good find :)

mr_pingu 2014-03-10 23:13

Re: [Announce] genwall a simple iptables firewall
 
Well I edited some parts to explain some more experimenting I did. Even if I did set user password, it couldn't be run unless I installed sudser. Now you say sudser only set user pw. I also set a user pw but: How the ..., why isn't genwall allowed to be executed as root by user, as it HAS sudoers file as proved in earlier posts

peterleinchen 2014-03-10 23:35

Re: [Announce] genwall a simple iptables firewall
 
sudser not only give user a passwd but also adds an entry
user all nopassword: all
so every process may be run with sudo. :eek:

Why on your side it did not run after giving user a pw I really do not know :(
If you like remove sudser and change user pw again. If it again does not run, run update-sudoers after pw change and tell us result...
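The difference discussed above, between genwall's two command-scoped rules and a blanket entry that lets every process run with sudo, can be checked mechanically. The following is an added example, not part of the thread and not genwall or sudser code: a small sh/awk audit that flags NOPASSWD rules whose command list is ALL. The function names and the contents of the sample everybody.sudoers file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not genwall or sudser code): find sudoers rules that give
# passwordless root for *every* command, as opposed to command-scoped rules.

# audit_sudoers FILE...
# Prints "file:line: rule" for each rule whose NOPASSWD command list contains
# the bare keyword ALL. Exit status 1 if any such rule exists, 0 otherwise.
audit_sudoers() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
        {
            idx = index($0, "NOPASSWD:")
            if (idx == 0) next                 # rule still asks for a password
            cmds = substr($0, idx + length("NOPASSWD:"))
            n = split(cmds, item, ",")
            for (i = 1; i <= n; i++) {
                c = item[i]
                gsub(/^[ \t]+|[ \t]+$/, "", c)
                if (c == "ALL") {              # blanket grant, not a path
                    printf "%s:%d: %s\n", FILENAME, FNR, $0
                    found = 1
                    break
                }
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# make_sudoers_samples DIR
# Writes two sample files: the genwall rules quoted in the thread and a
# constructed blanket rule of the kind the thread attributes to sudser.
make_sudoers_samples() {
    cat > "$1/genwall.sudoers" <<'EOF'
user ALL = NOPASSWD: /usr/bin/run-standalone.sh /opt/genwall/genwall
user ALL = NOPASSWD: /usr/bin/run-standalone.sh genwall
EOF
    cat > "$1/everybody.sudoers" <<'EOF'
# constructed sample of a blanket rule
user ALL = NOPASSWD: ALL
EOF
}

# Demo run on the constructed samples.
demo_dir=$(mktemp -d)
make_sudoers_samples "$demo_dir"
audit_sudoers "$demo_dir"/*.sudoers || echo "blanket NOPASSWD rule found"
rm -rf "$demo_dir"
```

On a device, point `audit_sudoers` at /etc/sudoers and the files under /etc/sudoers.d.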

Halftux 2014-03-14 17:05

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by peterleinchen (Post 1416135)

As said starting genwall as user works (passwd prompt stays until root pass entered and then runs), no sudo needed to start your app.

/etc/passwd is readable by user, so genwall may read it without root rights.

It seems that you can start genwall as a user and it will not work as expected, like you said.

Quote:

Originally Posted by peterleinchen (Post 1416135)
and the GUI does/should not run as root, but only parts (outsourced as scripts) where root is needed. Just suggesting here ...

So you mean adding every script to sudser.d and calling the script with sudo?
So I will end up with many scripts and these can be easily run as root. When only genwall can run these scripts as root, it is more safe because you need the password to run genwall.

Or how should this work? I can also pass the password with QProcess as a command line argument or I can write a password with QProcess if the process is asking for a password.
However I think it could be somehow visible and could be caught.

I can also work with setuid but don't know if this will work.

So I would leave it like it is, except changing the file permission to 754.

@mr_pingu
sorry I have really no clue
I have seen that you have rootsh installed, so you can create a script with gainroot and starting genwall. This script can be added to the desktop file. I was doing this some versions before.

peterleinchen 2014-03-15 22:30

Re: [Announce] genwall a simple iptables firewall
 
Yes, that was my idea.
But I do see your point.

You could give those scripts only
user ALL = PASSWD: xxx
and hand over the root passwd in each call (echo rootme | sudo script) but I agree to leave it as it is and change permission of file to 754 (or even 750) will be sufficient. This change permission needs to be done in postinst script via chmod afaik.

--
Sorry, have to correct me.
Above will not work as default behaviour of N900 is that user passwd is requested on sudo (missing 'Defaults targetpw' which will request root passwd). So I tend even more to leave it as it is.

Halftux 2014-07-16 22:23

Re: [Announce] genwall a simple iptables firewall
 
New update should be soon available version 1.0.6

Changelog:
* added blacklist in/out
* added dnsmasq domain filter
* removed bug from gate tab
* small layout changes
* added more info messages

So I added an IP-Blacklist function for the input and output chain. The lists from the listwidget must be saved before generating the script.
Lists blacklistin.txt and blacklistout.txt get saved in "/home/user/.genwall/", entries starting with an # or $ will get ignored during script generation.

For/Out-->Out-Black
Rules-->In-Black


Furthermore I added a tab with a domain filter (For/Out-->Block-Hosts). It works with dnsmasq.
Pushbutton "set dnsmasq conf" will append the dnsmasq.conf file with following entries and become green:
Code:

no-hosts
addn-hosts=/etc/dnsmasq.hosts

When you hit the button again the lines will get removed.
The save button will save the listed domains in the qlistwidget to the created file in /etc/dnsmasq.hosts.
For making the changes active you need to hit the pushbutton "restart dnsmasq".
The filtering will work only if the N900 is the dns server. When you are on the phone itself the dns server must be localhost.

enjoy and have fun

And keep in mind that the N900 has no server capacity, so do not create too many entries or download huge blacklists.:)
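Because the blacklist files described above end up in a generated script that runs as root, each entry is worth checking before it becomes a rule. The following is an added example, not genwall's generator: an sh/awk sketch that skips entries starting with # or $ as the post describes, accepts only strict IPv4 addresses or subnets, and reports everything else. The rule format (`iptables -A ... -j DROP`), the function names and the sample entries are assumptions.

```shell
#!/bin/sh
# Added example (not genwall's generator): turn a blacklist file into iptables
# DROP rules, accepting only strict IPv4 addresses or IPv4/prefix subnets.

# gen_blacklist_rules CHAIN FILE   (CHAIN is INPUT or OUTPUT)
# Rules go to stdout, rejected entries to stderr. Exit status: 0 all entries
# usable, 1 at least one entry rejected, 2 bad chain name.
gen_blacklist_rules() {
    case "$1" in
        INPUT)  match=-s ;;    # incoming: match on source address
        OUTPUT) match=-d ;;    # outgoing: match on destination address
        *) echo "unsupported chain: $1" >&2; return 2 ;;
    esac
    awk -v chain="$1" -v match_opt="$match" '
        function octet(s) { return s ~ /^[0-9][0-9]?[0-9]?$/ && s + 0 <= 255 }
        function valid(s,    p, a, n) {
            n = split(s, p, "/")
            if (n > 2) return 0
            if (n == 2 && !(p[2] ~ /^[0-9][0-9]?$/ && p[2] + 0 <= 32)) return 0
            if (split(p[1], a, "[.]") != 4) return 0
            return octet(a[1]) && octet(a[2]) && octet(a[3]) && octet(a[4])
        }
        { sub(/\r$/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        $0 == "" || /^[#$]/ { next }           # ignored, as the post describes
        valid($0) { print "iptables -A " chain " " match_opt " " $0 " -j DROP"; next }
        { print FILENAME ":" FNR ": rejected: " $0 > "/dev/stderr"; bad = 1 }
        END { exit (bad ? 1 : 0) }
    ' "$2"
}

# make_blacklist_sample FILE
# Constructed sample list using documentation address ranges.
make_blacklist_sample() {
    cat > "$1" <<'EOF'
# constructed sample blacklist
192.0.2.15
$198.51.100.77
198.51.100.0/24
203.0.113.300
192.0.2.10 extra-text
EOF
}

# Demo run on the constructed sample.
demo_file=$(mktemp)
make_blacklist_sample "$demo_file"
gen_blacklist_rules INPUT "$demo_file" || echo "some entries were rejected" >&2
rm -f "$demo_file"
```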

Halftux 2014-07-26 20:09

Re: [Announce] genwall a simple iptables firewall
 
Next releases 1.0.7 and 1.0.8 will have some import function for the domain filter so you can add some file with advertising domains (ads blocker).

changelog genwall (1.0.8)
* added progressbar check double hosts
* reactivated password check
* file permission set to 754
changelog genwall (1.0.7)
* load host list from internet
* file error fixes
* changed ssh tab

The new button "load file" will bring you to the download and import function.

The download button will download the specified file to the specified location.

When you import files with the button "Load and append to list" all lines in the files starting with 0.0.0.0 will get imported/appended to the listwidget. So you can already have some items in the listwidget and you can also import different files one after another.

You also get asked about checking for double entries but this can take a while.
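The import rule described above (only lines starting with 0.0.0.0, optional duplicate check) can be reproduced outside the GUI to inspect a downloaded list before it goes into /etc/dnsmasq.hosts. The following is an added example, not genwall's importer: the function names, the entry cap and the sample lists are constructed, and the output format "0.0.0.0 name" is an assumption about how the hosts file is written.

```shell
#!/bin/sh
# Added example (not genwall's importer): merge hosts-style lists into one
# block list for the file named by dnsmasq's addn-hosts option.

# import_block_hosts MAX FILE...
# Keeps only lines whose first field is 0.0.0.0, lower-cases the name, drops
# malformed names and duplicates, and prints "0.0.0.0 name" lines.
# Exit status 3 when more than MAX distinct names were found (output stops
# at MAX entries), 0 otherwise.
import_block_hosts() {
    max=$1
    shift
    awk -v max="$max" '
        { sub(/\r$/, "") }
        $1 != "0.0.0.0" { next }               # comments, localhost lines, ...
        {
            name = tolower($2)
            if (name == "0.0.0.0") next        # self entry found in many lists
            if (name !~ /^[a-z0-9_]([a-z0-9._-]*[a-z0-9])?$/) next
            if (name in seen) next             # duplicate check
            if (count >= max) { over = 1; exit }
            seen[name] = 1
            count++
            print "0.0.0.0 " name
        }
        END { exit (over ? 3 : 0) }
    ' "$@"
}

# make_hosts_samples DIR
# Constructed inputs: an existing list and a downloaded hosts-format file.
make_hosts_samples() {
    cat > "$1/current.hosts" <<'EOF'
0.0.0.0 ads.example.com
EOF
    cat > "$1/download.hosts" <<'EOF'
# constructed hosts-format sample
127.0.0.1 localhost
0.0.0.0 0.0.0.0
0.0.0.0 Ads.Example.com
0.0.0.0 tracker.example.net  # inline comment
0.0.0.0 bad_name!.example
0.0.0.0 banner.example.org
EOF
}

# Demo run on the constructed samples, capped at 1000 entries.
demo_hosts=$(mktemp -d)
make_hosts_samples "$demo_hosts"
import_block_hosts 1000 "$demo_hosts/current.hosts" "$demo_hosts/download.hosts"
rm -rf "$demo_hosts"
```

The cap reflects the advice in the thread to keep the list small on the N900; choose the value to suit the device.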

Halftux 2015-01-02 19:59

Re: [Announce] genwall a simple iptables firewall
 
Hi,

in the last version 1.0.9 I included a setup page for a bt pan connection.

Prerequirements for pan:
[N900]
/etc/bluetooth/main.conf
comment out: DisablePlugins =network,input,hal

Here some instruction how to use it for:

Linux BT

Connect a (old) linux system with bt pan:

- [PC] make the adapter visible
Code:

hciconfig -a hci0 piscan

- [N900] in the normal bluetooth setup switch on bt and make the adapter visible. Furthermore make a new trusted device and choose the pc. Now they should be paired.

- [PC] if you don't know the bt-mac address from N900 you can look for example with this command
Code:

hcitool scan

- [PC] connect with pand to N900 mac address
Code:

pand --connect 00:00:00:00:00:00

- [N900] in genwall go to route->BT tab and save your ips and choose dnsmasq only lan. Now you can push the start button.

- [PC] bring device up and get ip address
Code:

ifconfig bnep0 up
dhclient bnep0

Now you have a normal network up.


Connect a (new) linux system with bt pan:

- [PC] make the adapter visible
Code:

hciconfig -a hci0 piscan

- [N900] switch on bluetooth and make it discoverable

- [PC] pair with your N900 by adding a new device

- [PC] run bluez script with the mac from N900
Code:

cd /usr/share/doc/bluez/examples
./test-network 00:00:00:00:00:00 nap

- [N900] in genwall go to route->BT tab and save your ips and choose dnsmasq only lan. Now you can push the start button.

- [PC] if the device is not up bring device up and get an ip address
Code:

ifconfig bnep0 up
dhclient bnep0


In case you want to forward internet from pc to phone

[PC] activate forwarding

old
Code:

echo 1 > /proc/sys/net/ipv4/ip_forward

new
Code:

sysctl -w net.ipv4.conf.all.forwarding=1

permanent: Add net.ipv4.conf.all.forwarding=1 to /etc/sysctl.conf

[PC] activate masquerade, source is the bt pan network
Code:

sudo iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -j MASQUERADE

[N900] go to route->Gate tab and add the bt pan ip from PC as a new gateway.


In case you want forward internet from N900 to PC

- [N900] before you push the start button select dnsmasq forward

your N900 should have proper internet connection and a bt pan connection

- [PC] set a default route to ip from N900 bnep0 device
Code:

sudo route add default gw 192.168.8.2

- [N900] genwall

{local-basics}
1. select wan device gprs/usb/wlan
2. I would "accept connection from local machine"... makes life easier
3. If you want to connect from pc->N900 without opening ports. I would also recommend to "Accept connection from local lan".

{for/out}
4. activate forwarding and set lan device to bnep
5. Masquerade wan device should be active
6. If you like to connect for example from wifi to ssh from the pc you can forward the port to the ip address from pc bnep0 device.
Use for ssh the ip from n900 wifi/usb/gprs and it will automatically connect to the pc.

{local-basics}
7. gen rules
8. push the start button

Halftux 2015-01-04 16:56

Re: [Announce] genwall a simple iptables firewall
 
Here a quick tutorial for:

Windows BT


Prerequirements for pan:
[N900]
/etc/bluetooth/main.conf
comment out: DisablePlugins =network,input,hal

Here some instruction how to use it:

Connect a windows system with bt pan:

- [N900] switch on bluetooth and make it discoverable

- [PC] right click bt icon join a personal network
- [PC] add device and pair N900
- [PC] right click on N900 and make a connection as access point
- [N900] genwall go to route->BT tab and save your ips and choose dnsmasq only lan. Now you can push the start button.


In case you want forward internet from N900 to PC

- [N900] before you push the start button to make a bt pan connection select dnsmasq forward

your N900 should have proper internet connection and a bt pan connection

- [N900] genwall

{local-basics}
1. select wan device gprs/usb/wlan
2. I would "accept connection from local machine"... makes life easier
3. If you want to connect from pc->N900 without opening ports. I would also recommend to "Accept connection from local lan".

{for/out}
4. activate forwarding and set lan device to bnep
5. Masquerade wan device should be active

{local-basics}
6. gen rules
7. push the start button

In case you want forward internet from pc to phone

in windows 7 the bt stack doesn't support ICS for BT PAN.
Look for the Toshiba stack.

sixwheeledbeast 2015-01-05 17:40

Re: [Announce] genwall a simple iptables firewall
 
Thanks for the tutorials I would consider sticking them over on wiki.maemo.org so they don't get lost in the thread.

peterleinchen 2015-01-05 19:30

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by sixwheeledbeast (Post 1455391)
Thanks for the tutorials I would consider sticking them over on wiki.maemo.org so they don't get lost in the thread.

Or even better (or.also) in a help page inside the UI?

Halftux 2015-01-05 20:27

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by sixwheeledbeast (Post 1455391)
Thanks for the tutorials I would consider sticking them over on wiki.maemo.org so they don't get lost in the thread.

You are welcome. First I linked it to the thread starter post and I could also make a link on this wikipage.

Quote:

Originally Posted by peterleinchen
Or even better (or.also) in a help page inside the UI?

Hmm this is a nice idea, I will think about it. However you can do so much with this tool,
only a very well structured help in a nutshell would be really helpful.

Halftux 2015-01-27 20:00

Re: [Announce] genwall a simple iptables firewall
 
New version out 1.1.2

* added help system
* removed unset forward script bug (please delete the iptable scripts in /home/user/.genwall/ firestop.sh and firestart.sh. If you like you can also use the "delete genwall user data and exit" button. Be aware because then all files in /home/user/.genwall get deleted).

* added load file for black list in (not recommended when generating the script for N900; as blacklist you should use only a couple of ips or better add subnetworks which are used by attackers).

Quote:

Originally Posted by sixwheeledbeast (Post 1410371)
Could you please tidy up the unnecessary files in the package

Now I found out how to do it and it should be a clean source package. Took a really long time...because I was happy to get something to build in autobuilder, not thinking too much about it.
QtCreator Windows is not the best thing to use and some tutorials or posts telling you not the full story and some hacks are not clean.
The best source was the wiki page from maemo.

The new help system uses html files. Next days I will release some help files. I will not include help files in the package. They need to be manually added to following folder "/home/user/.genwall/help".

Doing it like this way it is possible to write own help files or make notes to them for other systems or configurations. And they will not get replaced when updating to a new genwall version.
You can also copy them to another Computer for reading.

At the route->about tab a help button resides. After pushing this button a qlistwidget get filled with all html files in the help folder.
There is only one thing you should know, do not use white spaces in the names. You should do like this: "My_First_Help.html".

After a double click on an entry a new window with the help gets created. You can switch between the help and genwall app with the quick buttons (go back / help). When minimizing you can also switch to other windows.

You are welcome to contribute your own help files.

Halftux 2015-05-23 16:13

Re: [Announce] genwall a simple iptables firewall
 
Released genwall help v1.0,

still it is not complete but a good start.
  • Download genwall_help_v1.0.tar.gz from first post.
  • Extract the archive genwall_help_vx.x.tar.gz to /home/user/.genwall/

How to use the help see the post above.

Halftux 2015-07-28 21:01

Re: [Announce] genwall a simple iptables firewall
 
New genwall for the N9(50)!

Downloadable from first post (genwall_1.0.2_N950.deb)

Requirements
  • kernel with nat support
  • developer mode

How to start...open a terminal:

Code:

devel-su
genwall

If you had an older version installed please go to local->settings and push the button "delete genwall user data and exit"
Now you can start genwall again.

peterleinchen 2015-07-28 22:07

Re: [Announce] genwall a simple iptables firewall
 
@halftux
brilliant! :)
(what about openrepos.net ?)

Halftux 2015-07-29 11:02

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by peterleinchen (Post 1478175)
@halftux
brilliant! :)

Thank you
Still it is not complete but more useable than before.
Iptables logging should also be possible when you install sysklogd and if your running kernel supports ip filter logging.

I had some problems replacing simple-syslog-daemon with sysklogd. I needed to create manually a directory.

Code:

devel-su
mkdir /usr/share/man/man8
apt-get install sysklogd
or
dpkg -i sysklogd_2.5-5maemo3.120m6_armel.deb

If klogd is not installed you also need to install klogd_2.5-5maemo3.12+0m6_armel.deb.

Quote:

Originally Posted by peterleinchen (Post 1478175)
(what about openrepos.net ?)

Done: https://openrepos.net/content/halftux/genwall

Halftux 2015-09-09 22:12

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by mr_pingu (Post 1416143)
..., why isn't genwall allowed to be executed as root by user, as it HAS sudoers file as proved in earlier posts

Finally I had the same problem like you. I wiped and flashed one of my N900 and after installing genwall, I also could not start it with the desktop file. Before I installed rootsh and openssh.

After changing the genwall.desktop file in "/usr/share/applications/hildon/".
Code:

Exec=sudo run-standalone.sh /opt/genwall/genwall
changed to
Exec=sudo /usr/bin/run-standalone.sh /opt/genwall/genwall

I could start genwall also with the desktop file.
Then I reversed my changes and I still could start with the desktop file.:confused:

Halftux 2015-11-09 13:09

Re: [Announce] genwall a simple iptables firewall
 
So here for everyone who is wondering that no comment was made after the last release.

latest version 1.1.4 changelog:
* wifi adhoc fixed message box
* wifi adhoc check for wireless-tools
* wifi adhoc pid file gets removed
* wifi adhoc reset ip when deactivated
* usb lan reset ip when deactivated
* fixed dnsmasq pid file for lan only
* added kernel arp table (clients)
* enhanced dnsmasq info
* bt pan added check connection
* adv. settings lsof command modular

New features:

Kernel arp table
{Route-IP info}->button:clients
shows connected clients

Enhanced dnsmasq info
{Route-IP info}->button:dnsmasq
shows dhcp leases

Lsof modular command
{Local-Settings}->button:advanced settings
There you can change the command which output is shown in {Local-lsof}. Be aware that this command runs as root. You can put different parameters or different commands like netstat or ifconfig....

Halftux 2015-11-11 22:20

Re: [Announce] genwall a simple iptables firewall
 
N900 6th anniversary genwall release out now. With this you can link two N900s via bt pan.

changelog 1.2.0
* depends on libqtm-12
* changed package description
* changed resolv handling
* added open dns server as default
* added window titles
* added lsof command to save ini
* fixed save ini block host load file
* refresh filter view when deleting rules
* added bluetooth manager
* added initiate panu connection
* added top menu
* added request for dhcp ip

New Features:

Changed resolv handling
there is now an option to add DNS servers to a temporarily resolv file (/var/run/resolv.conf).
The file /etc/resolv.conf will be untouched.

Added bluetooth manager
now there is the possibility to search and pair bluetooth devices.
It is also possible to list the services.
Furthermore you can initiate a bt pan connection.
With this you can make a bt pan connection to another N900(Tutorial will follow).

Added "dhclient" dialog
for requesting a dhcp ip address for device usb0 or bnep0

Sohil876 2015-11-26 08:07

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by Halftux (Post 1487972)
Furthermore you can initiate a bt pan connection.
With this you can make a bt pan connection to another N900(Tutorial will follow).

Would definitely like to know this, also can it be like n900 client any other device as server on bt pan? is it possible to include bt dun in genwall server/client like bt pan?

Halftux 2015-11-26 22:27

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by Sohil876 (Post 1489828)
Would definitely like to know this, also can it be like n900 client, any other device as server on bt pan?

If I understand correctly it should be possible, but soon you could read the tutorial and try.

Quote:

Originally Posted by Sohil876 (Post 1489828)
is it possible to include bt dun in genwall server/client like bt pan?

I will set this on the todo/try list.

Halftux 2015-11-26 23:17

Re: [Announce] genwall a simple iptables firewall
 
1 Attachment(s)
Bluetooth PAN Connection

blue theme N900(1)
orange theme N900(2)
Tutorial is attached to this thread for copy to genwall help.

Prerequisites for pan:

[N900]
/etc/bluetooth/main.conf
comment out: DisablePlugins =network,input,hal


Search/Pair BT device:
  1. [N900] switch on bluetooth and make it discoverable
    http://www.setius.net/bilder/n900/genwall/route_bt.png
  2. [N900] {Route-BT} click search button
  3. [N900] {Route-BT} click scan button
    http://www.setius.net/bilder/n900/genwall/bt_scan.png
    mac address color code: white=not paired; blue=paired; green=trusted paired
  4. [N900] right click on found mac-address. Click Auth Pair.
    http://www.setius.net/bilder/n900/genwall/bt_pair.png
  5. [N900] Accept pair.
    http://www.setius.net/bilder/n900/ge...t_ackpair1.png
  6. [N900(2)] Accept pair.
    http://www.setius.net/bilder/n900/ge...t_ackpair2.png

Create PAN between 2 devices

-[N900] see if the other device supports pan service
http://www.setius.net/bilder/n900/ge...bt_service.png
[N900] genwall

{Route-BT}
  1. Search BT devices (see above)
  2. Select BT mac address (it must be a trusted device, it should be green)
  3. Push connect button. Check under {Route-IP info} if bnep0 has an ip address. If bnep0 has no ip address try to push stop and start button.

[N900(2)] genwall

{Route-IP info}
  1. After bluetooth icon becomes blue push dhclient button.
    http://www.setius.net/bilder/n900/ge...t_dhclient.png
  2. Choose bnep0 as interface and confirm with ok button.
    http://www.setius.net/bilder/n900/genwall/bt_dhcp.png
  3. Now you should have an ip address.
  4. To end the connection push the stop button on N900
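
As an added example (not part of genwall or of the post above), this shell script checks the tutorial's prerequisite, that no active `DisablePlugins` line in `/etc/bluetooth/main.conf` still lists `network`, and then checks whether interface output shows an IPv4 address on bnep0. The function names and the sample files are constructed for illustration; it assumes that the last active `DisablePlugins` line wins if the key appears more than once.

```shell
#!/bin/sh
# Added example (not genwall code): two checks for the PAN tutorial above.

# network_plugin_state FILE
# Prints "disabled" if an active DisablePlugins line lists "network",
# "enabled" if it does not, "unknown" if FILE cannot be read.
network_plugin_state() {
    [ -r "$1" ] || { echo unknown; return 2; }
    # Commented-out lines do not match. If the key repeats, the last
    # active line is used (assumption).
    list=$(sed -n 's/^[[:space:]]*DisablePlugins[[:space:]]*=//p' "$1" |
           tail -n 1 | tr -d '[:space:]')
    case ",$list," in
        *,network,*) echo disabled; return 1 ;;
        *)           echo enabled;  return 0 ;;
    esac
}

# has_ipv4: reads "ifconfig bnep0" or "ip addr show bnep0" output on stdin
# and succeeds if an IPv4 address is assigned.
has_ipv4() {
    grep -Eq 'inet (addr:)?[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'
}

# Constructed sample files: the line quoted in the tutorial, and the same
# file after the edit the tutorial asks for.
write_samples() {
    printf '[General]\nDisablePlugins =network,input,hal\n' > "$1/stock.conf"
    printf '[General]\n#DisablePlugins =network,input,hal\n' > "$1/edited.conf"
}

tmp=$(mktemp -d)
write_samples "$tmp"
for name in stock edited; do
    echo "$name.conf: network plugin $(network_plugin_state "$tmp/$name.conf")"
done
rm -rf "$tmp"
```

On a device, point `network_plugin_state` at `/etc/bluetooth/main.conf` and pipe `ifconfig bnep0` into `has_ipv4` after the dhclient step.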

Sohil876 2015-11-27 11:18

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by Halftux (Post 1489957)
If I understand correctly it should be possible, but soon you could read the tutorial and try.



I will set this on the todo/try list.

Tried an android phone which supports pan as server, set it on bluetooth tethering and tried to connect via genwall, it connects but disconnects in a moment. About bluetooth dun, yeah please do, it will definitely help me and others who have n900 with dead sim slots and have spare dumb phones with dun support, there is matans thread on it but it never fully worked.

Halftux 2015-11-27 19:28

Re: [Announce] genwall a simple iptables firewall
 
Quote:

Originally Posted by Sohil876 (Post 1489998)
Tried an android phone which supports pan as server, set it on bluetooth tethering and tried to connect via genwall, it connects but disconnects in a moment.

If connect to "gn":
For the android I got a message and needed to allow the N900 to connect, otherwise it will disconnect. If a connection timed out or fails after this you need to push the stop button before trying to connect again.

*Edit: I thought I got it running once and could use internet from android. The only thing is I can't automatically get an ip address from an android device. So I manually put an IP corresponding to the android btn0 ip, added DNS server and the gateway I set to the btn0 ip. But now can't get it to work.


Quote:

Originally Posted by Sohil876 (Post 1489998)
About bluetooth dun, yeah please do, it will definitely help me and others who have n900 with dead sim slots and have spare dumb phones with dun support, there is matans thread on it but it never fully worked.

Need to look into the kernel modules, test config files and write a gui; this will take some time.

Halftux 2015-11-28 12:25

Re: [Announce] genwall a simple iptables firewall
 
Released version 1.2.1

added nap profile for connecting
  • N900: connect with nap
  • android: accept connection
  • N900: request dhcp (dhclient bnep0)

Now you should be able to use internet from other device.
It could be that the pairing from genwall is not working 100% with android, so to be safe, initiate the pairing from android.

