This project implements a simple firewall with stateful connection tracking. It inspects network packets, identifies traffic flows, and produces human-readable allow/block messages based on configurable rules. The goal is to demonstrate how a basic packet-filtering firewall can make decisions using flow awareness rather than stateless rules alone.
- Tracks flows using source/destination IP, ports, and protocol
- Distinguishes new, established, and invalid connections
- Applies allow/block logic per flow state
- Outputs clear, readable decision messages
- Designed for experimentation and learning in a lab environment

- Incoming packets are parsed to extract flow identifiers.
- The firewall checks whether the flow is already known.
- Based on state and rules, the packet is allowed or blocked.
- A descriptive message explains the decision.
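
The steps above as a minimal sketch. This is an added example, not the project's `firewall.py`: the `Packet` and `FlowTable` names, the bare-SYN rule for opening a TCP flow, and the sample traffic are assumptions made for illustration.

```python
from collections import namedtuple

# flags: TCP flags as letters ("S", "SA", "A", "R"); empty for UDP (hypothetical model)
Packet = namedtuple("Packet", "src sport dst dport proto flags", defaults=[""])

class FlowTable:
    def __init__(self, allowed):
        self.allowed = set(allowed)   # {(proto, dport)} permitted to open NEW flows
        self.flows = set()            # direction-independent keys of tracked flows

    @staticmethod
    def key(p):
        # Sort the two endpoints so a request and its reply map to the same flow.
        a, b = sorted([(p.src, p.sport), (p.dst, p.dport)])
        return (p.proto, a, b)

    def classify(self, p):
        if self.key(p) in self.flows:
            return "ESTABLISHED"
        # Assumption: a TCP flow can only be opened by a bare SYN; any other
        # TCP packet without tracked state is INVALID.
        if p.proto == "tcp" and p.flags != "S":
            return "INVALID"
        return "NEW"

    def decide(self, p):
        state, k = self.classify(p), self.key(p)
        allow = state == "ESTABLISHED" or (
            state == "NEW" and (p.proto, p.dport) in self.allowed)
        if allow and state == "NEW":
            self.flows.add(k)             # start tracking the flow
        elif allow and "R" in p.flags:
            self.flows.discard(k)         # RST ends the flow (FIN, timeouts omitted)
        verdict = "ALLOW" if allow else "BLOCK"
        return f"{verdict} {state} {p.proto} {p.src}:{p.sport} -> {p.dst}:{p.dport}"

# Constructed sample traffic using documentation-range addresses.
SAMPLE = [
    Packet("192.0.2.10", 50000, "198.51.100.5", 443, "tcp", "S"),    # rule match
    Packet("198.51.100.5", 443, "192.0.2.10", 50000, "tcp", "SA"),   # reply in flow
    Packet("192.0.2.10", 50001, "198.51.100.5", 22, "tcp", "S"),     # no rule
    Packet("203.0.113.7", 40000, "192.0.2.10", 50002, "tcp", "A"),   # no state
]

if __name__ == "__main__":
    fw = FlowTable({("tcp", 443)})
    for pkt in SAMPLE:
        print(fw.decide(pkt))
```

The reply packet is allowed even though no rule names source port 443, which is the difference between flow-aware filtering and a stateless rule list.
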

- Python 3.10+ (or update to match your environment)
- scapy (if used for packet parsing)
- Any other dependencies listed in requirements.txt

```
pip install -r requirements.txt
```

Run the script from the project root:

```
python firewall.py
```

Logs and decisions will be printed to the console.

This project is designed for educational and defensive research in isolated lab environments. It is not intended for production deployment.