SYNwall

A zero-configuration (IoT) firewall

View on GitHub Chat on Gitter SYNwall Cert ;-)


Logo



SYNwall: A different way to think firewalling

SYNwall brings to you a total new way to approach firewalling: you don’t have to worry anymore about rules, IP, ports, etc. A simple PSK will allow a low-maintenance firewall-like security. Built with IoT in mind, it can be used also in different environments.

Main Features

How SYNwall works

The concept is straightforward: the SYNwall will inject, in a completely transparent way, a token in the first network packet (TCP or UDP).

If the receiving device can validate the token, the connection will be allowed, otherwise it will be dropped.

Here a quick demo:

How you can install it

Right now SYNwall is in the form of a Linux Kernel injectable module. So you can grab the sources and compile it:

# sudo apt-get install linux-headers-$(uname -r)
# git clone https://github.com/SYNwall/SYNwall.git
# cd SYNwall
# make

Now you are ready to load the module.

WARNING: this is going to drop all the traffic to your device, so be sure to know how to access with another SYNwall device or by disabling it remotely (port knocking). Read the docs if unsure:


# sudo insmod SYNwall.ko psk=123456789012345678901234567890123 precision=10 portk=12,13,14,15,16 load_delay=10000 enable_udp=1

In the future we plan to move it to other platforms (ESP8266?) and hardware.

More Info