Skip to content

w3nch/PyWall

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
core
core
 
 
ui
ui
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
argparse
argparse
 
 
os
os
 
 
pywall.py
pywall.py
 
 
sys
sys
 
 

Repository files navigation

PyWall

PyWall is a terminal-based firewall management tool written in Python. It provides a structured and safe approach to managing firewall rules with validation, persistence, deduplication, dry-run execution, and rollback-ready backups.

Warning: PyWall interacts with system firewall rules and must be run with root privileges. Always test in a virtual machine or non-production environment.

Features

  • Terminal-based command-line interface
  • Rule validation (IP address, port, protocol)
  • Persistent rule storage using JSON
  • Rule deduplication to prevent duplicates
  • Dry-run firewall execution
  • Automatic iptables backup with timestamps
  • Rollback-ready firewall design
  • Safe execution (no blind flushing of rules)

Project Structure

PyWall/
├── pywall.py              # Main CLI entry point
├── core/
│   ├── rules.py           # Rule engine (persistence and validation)
│   ├── executor.py        # Firewall executor (dry-run and backup)
│   └── __init__.py
├── config/
│   └── rules.json         # Stored firewall rules (runtime)
├── backups/               # Timestamped iptables backups
├── logs/                  # Logs (optional)
└── README.md

Requirements

  • Python 3.10 or newer
  • Linux system with iptables
  • Root privileges

Installation

Clone the repository:

git clone https://github.com/w3nch/PyWall.git
cd PyWall

Ensure the script is executable:

chmod +x pywall.py

Usage

Display help:

python3 pywall.py --help

Check firewall status:

sudo python3 pywall.py status

Add a firewall rule:

sudo python3 pywall.py add-rule --block --ip 1.2.3.4 --port 80 --protocol tcp

List firewall rules:

sudo python3 pywall.py list-rules

Delete a firewall rule:

sudo python3 pywall.py delete --id 1

Start firewall (dry-run with backup):

sudo python3 pywall.py start

Firewall Backups

Before applying any firewall changes, PyWall automatically creates a backup of the current iptables configuration.

Backups are stored in:

backups/

Backup file format:

iptables-YYYY-MM-DD_HH-MM-SS.rules

These backups can be used for rollback using iptables-restore.

Design Philosophy

PyWall is designed with safety and predictability in mind:

  • Validation before persistence
  • Persistence before execution
  • Backup before modification
  • Dry-run before live execution
  • Rollback capability built into the workflow

This approach minimizes the risk of system lockout or misconfiguration.

Roadmap

Planned enhancements include:

  • Safe rule application with automatic rollback on failure
  • INPUT and OUTPUT chain support
  • Rule priority and ordering
  • nftables backend support
  • Logging and monitoring
  • Daemon mode

Disclaimer

This project is intended for educational and experimental use. Use at your own risk. Always maintain out-of-band access when modifying firewall rules.

License

MIT License

About

PyWall is a lightweight command-line firewall management tool written in Python. It enables safe rule creation, validation, backups, and controlled execution of iptables rules.

Resources

Readme
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Contributors

Languages