This is an open-source mini project that simulates a basic stateful firewall using Node.js. It reads a list of filtering rules and a network traffic capture (pcap file), then decides which packets are allowed or denied.
-
Clone or download this repository.
-
Open a terminal in the project directory.
-
Install dependencies:
npm install
Run the simulator with:
node fw_sim.js --rules rules.json --traffic traffic.pcap > decisions.csvThis command:
- Loads the rules from
rules.json - Parses packets from
traffic.pcap - Writes results into
decisions.csv
Rules are defined in rules.json as an array of objects:
{
"action": "allow" | "deny",
"src": "IP address, subnet, or any",
"dst": "IP address, subnet, or any",
"proto": "tcp" | "udp" | "icmp" | "any",
"sport": "port, range, or any",
"dport": "port, range, or any",
"note": "description"
}Example rules:
[
{ "action": "allow", "src": "any", "dst": "any", "proto": "udp", "dport": "53", "note": "dns" },
{ "action": "allow", "src": "any", "dst": "any", "proto": "tcp", "dport": "80,443", "note": "web" },
{ "action": "deny", "src": "any", "dst": "any", "proto": "any", "sport": "any", "dport": "any", "note": "default" }
]The simulator outputs a CSV file (decisions.csv) with one line per packet:
timestamp,proto,src,sport,dst,dport,decision,reason,rule_index,rule_note