appfire, cappfire, and tappfire

appfire latest version: 0.8.1


Description:

appfire is a simple-to-use application-layer firewall with support for regular expressions. There are two parts to appfire. First, the firewall section transparently forwards all communication between client and server, maintains a copy of the client-to-server traffic, checks it against a set of regular expressions, and terminates the connection if one of the regular expressions matches the content. Currently, appfire will only forward to services on the local machine. The second section is an RPC server and client pair (named tappfire and cappfire, respectively) that provides remote management services for the appfire configuration file.

Diagram of how appfire works.

Some of its current features are:

Upcoming features:

Best of all, the program is completely free and the full source code is available under the Common Public License.

Project Page:

The latest release of appfire is 0.8.1. You can download appfire from its project page at SourceForge.

Warning! appfire is under heavy development. As such, some features may be buggy and may not work as intended. Additionally, formal documentation is lacking in many areas. Please keep this in mind when using appfire.

Requirements:

Installation:

appfire

appfire is packaged with autotools for a simple installation process. After you download the source from the project page, you can install by executing the following commands:

tappfire and cappfire

appfire also comes packaged with tappfire and cappfire, the RPC server and client pair that provides remote management services for the appfire configuration file. To install tappfire and cappfire, simply repeat the above procedure for the compressed tappfire source. cappfire (the RPC file management client) is installed as part of the tappfire (RPC file management server) installation process.

additional libraries

appfire was developed alongside two libraries, the libmydiag library and the libzocket library. They are available for download on the project page, and you may install them in the same manner as detailed above. You must install them for appfire to run; future versions of appfire will not require this extra step.

installing to a custom directory

To install any of the programs into a specified directory, append prefix=/home/users/jdoe/myinstall to the configure command.

Sample Configuration File

For appfire to start, you will need to create a configuration file. A configuration file consists of a series of rules that are delimited by newlines and specified in the form of:

LISTENPORT SERVICEPORT REGEXP

The example configuration file below listens on port 80 and forwards to port 8081, and listens on port 21 and forwards to port 2221. Note that connections being forwarded to port 2221 are matched against two rules.

80 8081 User-Agent: .*Safari
21 2221 QUOTE .* EXEC
21 2221 .*/warez/

For SSL connections, prefix the port with a "-". The example below tells appfire to listen for SSL connections on port 80 and to forward connections from port 21 to SSL port 2221:

-80 8081 User-Agent: .*Safari
21 -2221 QUOTE .* EXEC
21 -2221 .*/warez/

Note that each listen port / service port pair may have multiple rules to match against. Also, loops are checked for and disallowed by the program. There is a limit of 10000 rules.
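A configuration checker for the rule format described above, useful for validating a file before appfire loads it. This is an added example, not part of appfire: the function names are hypothetical, Python's regex dialect stands in for appfire's, and a "loop" is assumed to mean a chain of listen-to-service ports that revisits a port.

```python
import re
from collections import defaultdict

MAX_RULES = 10000  # rule limit stated on the page
# Rules copied from the page's SSL sample configuration.
SAMPLE = "-80 8081 User-Agent: .*Safari\n21 -2221 QUOTE .* EXEC\n21 -2221 .*/warez/\n"

def parse_port(token):
    """Return (port, uses_ssl); a leading '-' marks an SSL port."""
    ssl = token.startswith("-")
    port = int(token[1:] if ssl else token)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {token}")
    return port, ssl

def check_loops(rules):
    """Assumed loop definition: following listen -> service ports revisits a port."""
    edges = defaultdict(set)
    for (listen, _), (service, _) in rules:
        edges[listen].add(service)
    def walk(port, seen):
        if port in seen:
            raise ValueError(f"forwarding loop through port {port}")
        for nxt in edges.get(port, ()):
            walk(nxt, seen | {port})
    for start in list(edges):
        walk(start, frozenset())

def load_rules(text):
    """Parse 'LISTENPORT SERVICEPORT REGEXP' lines, grouped by port pair."""
    rules, count = defaultdict(list), 0
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(None, 2)  # the regexp keeps its internal spaces
        if len(parts) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields")
        count += 1
        if count > MAX_RULES:
            raise ValueError(f"line {lineno}: more than {MAX_RULES} rules")
        pair = (parse_port(parts[0]), parse_port(parts[1]))
        # Assumption: Python's regex dialect stands in for appfire's.
        rules[pair].append(re.compile(parts[2].encode()))
    check_loops(rules)
    return dict(rules)

def should_terminate(rules, listen_port, client_data):
    """True if any rule on this listen port matches the client-to-server bytes."""
    return any(p.search(client_data) for ((port, _), _), pats in rules.items()
               if port == listen_port for p in pats)
```

Calling `load_rules(SAMPLE)` yields two port pairs, with both FTP rules grouped under the pair for ports 21 and 2221, and `should_terminate` reports whether buffered client data would trip a rule on a given listen port.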

Parameters

appfire

Appfire has the following parameters:

tappfire and cappfire

tappfire/cappfire has the following parameters:

Licensing:

appfire is licensed under the CPL. The Common Public License is a free software / open-source software license published by IBM. You may view the entire license here.

Author:

For any questions or comments relating to appfire, you may contact the author at tah.mah.de AT gmail DOT com.
