Firewall Configuration Manager

App Description:

This firewall configuration manager is a custom-built Linux-based client-server system that allows users to interactively and remotely manage firewall rules via terminal or socket connections. The server maintains a list of firewall rules and keeps a log of all connection queries, including matched IP-port pairs. Users can add, remove, and list firewall rules, validate connection requests, and view stored queries through a well-defined command interface.

I designed and implemented the entire system in C, focusing on concurrent socket-based communication, memory-safe request handling, and accurate parsing of firewall rules and IP/port validations. A Bash-based test suite was also developed to ensure protocol correctness and stability.

Why I built this:

The project was built to deepen my understanding of low-level systems programming, socket communication, and concurrent server architecture in C. I wanted to create a real-world tool that simulates the basic operation of a firewall controller, similar to how real firewalls match incoming connections to allowlists or blocklists based on IP address and port rules.

How it was built:

Technologies used:

The system was implemented in C using POSIX sockets and multithreading for concurrent request handling. It supports both interactive and client-server modes. I wrote custom parsing and validation routines to enforce rule formatting and used dynamically managed memory structures to safely store active rules and request logs.
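The kind of strict rule parsing and connection matching described above can be sketched as follows. This is an added example, not the project's own code: the rule syntax `<ip>[-<ip>] <port>[-<port>]` and the names `fw_rule`, `fw_parse_rule` and `fw_check` are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Assumed rule syntax (not the project's): "<ip>[-<ip>] <port>[-<port>]". */
struct fw_rule { uint32_t ip_lo, ip_hi; uint16_t port_lo, port_hi; };

/* Dotted-quad IPv4 to host byte order so ranges compare numerically. */
static int parse_ip(const char *s, uint32_t *out) {
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1) return -1;
    *out = ntohl(a.s_addr);
    return 0;
}
/* Decimal port 0..65535; rejects empty input, signs and trailing junk. */
static int parse_port(const char *s, uint16_t *out) {
    char *end;
    if (*s < '0' || *s > '9') return -1;
    unsigned long v = strtoul(s, &end, 10);
    if (*end != '\0' || v > 65535) return -1;
    *out = (uint16_t)v;
    return 0;
}

/* Cut "lo-hi" at the dash; returns the "hi" part or NULL for a single value. */
static char *split_range(char *s) {
    char *dash = strchr(s, '-');
    if (dash) *dash++ = '\0';
    return dash;
}

/* Parse one rule line; 0 on success, -1 on any malformed or extra field. */
int fw_parse_rule(const char *line, struct fw_rule *r) {
    char ip[64], port[32], extra;
    if (sscanf(line, "%63s %31s %c", ip, port, &extra) != 2) return -1;
    char *ip_hi = split_range(ip), *port_hi = split_range(port);
    if (parse_ip(ip, &r->ip_lo) || parse_port(port, &r->port_lo)) return -1;
    r->ip_hi = r->ip_lo; r->port_hi = r->port_lo;
    if (ip_hi && (parse_ip(ip_hi, &r->ip_hi) || r->ip_hi <= r->ip_lo)) return -1;
    if (port_hi && (parse_port(port_hi, &r->port_hi) || r->port_hi <= r->port_lo)) return -1;
    return 0;
}

/* 1 = rule accepts the connection, 0 = no match, -1 = malformed rule or query. */
int fw_check(const char *rule, const char *ip, const char *port) {
    struct fw_rule r; uint32_t a; uint16_t p;
    if (fw_parse_rule(rule, &r) || parse_ip(ip, &a) || parse_port(port, &p)) return -1;
    return a >= r.ip_lo && a <= r.ip_hi && p >= r.port_lo && p <= r.port_hi;
}
```

Malformed input is rejected rather than coerced to a default, so a bad rule or query can never be recorded as a match.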

Functionality highlights:

  • Add/delete firewall rules via command line
  • Validate connections against stored rules
  • Track which rules accepted which queries
  • Full query logging with request listing
  • Concurrency-safe multithreaded server
  • Client program for remote interaction

Compiling and testing:

The application was compiled with GCC and tested using a university-provided Linux VM. I used Valgrind to eliminate memory leaks and verified correct thread handling. A Bash script, test.sh, automated both interactive and network-based tests to validate rule correctness, command parsing, and multi-client handling.