Ever since I started playing with packet filters on embedded PCs, I wanted to have a nice web-based GUI to control all aspects of my firewall without having to type a single shell command. There are numerous efforts to create nice firewall packages with web interfaces on the Internet (most of them Linux based), but none met all my requirements (free, fast, simple, clean and with all the features I need). So, I eventually started writing my own web GUI. But soon I figured out that I didn't want to create another incarnation of webmin – I wanted to create a complete, new embedded firewall software package. It all evolved to the point where one could plug in the box, set the LAN IP address via the serial console, log into the web interface and set it up.

 

 

 

Background

Ever since I started playing with packet filters on embedded PCs, I wanted to have a nice web-based GUI to control all aspects of my firewall without having to type a single shell command. There are numerous efforts to create nice firewall packages with web interfaces on the Internet (most of them Linux based), but none met all my requirements (free, fast, simple, clean and with all the features I need). So, I eventually started writing my own web GUI. But soon I figured out that I didn't want to create another incarnation of webmin – I wanted to create a complete, new embedded firewall software package. It all evolved to the point where one could plug in the box, set the LAN IP address via the serial console, log into the web interface and set it up. Then I decided that I didn't like the usual bootup system configuration with shell scripts (I already had to write a C program to generate the filter rules since that's almost impossible in a shell script), and since my web interface was based on PHP, it didn't take me long to figure out that I might use PHP for the system configuration as well. That way, the configuration data would no longer have to be stored in text files that can be parsed in a shell script – it could now be stored in an XML file. So I completely rewrote the whole system again, not changing much in the look-and-feel, but quite a lot "under the hood".

– Manuel Kasper

 

 

Articolul original

Tags: