DNX Firewall is an optimized/high performance collection of applications or services to convert a standard linux system into a zone based next generation firewall.
All software is designed to run in conjunction with eachother, but with a modular design certain aspects can be completely removed with little effort. The primary security modules have DIRECT/INLINE control over all connections, streams, messages, that goes through the system.
That being said, depending on the protocol, offloading to lower level control is present to maintain the highest possible throughput with full inspection enabled.
There is an IPTable custom chain to allow for the administrator to hook into the packet flow without the ability to accidentally override dnx security modules. A low level “architecture, system design” video will be created at some point to show how this is possible with pure python.
Included Features
Before Running
NEW: sqlite3 is now the default database in use (to simplify deployments). The environment variable “SQL_VERSION” located in dnx_configure/dnx_constants.py can be flipped to use postgresql. WARNING: switching the database used after initial configuration may cause problems.
- ensure name is netfilter.so and placed in the dnxfirewall/netfilter folder
- ensure name is binary_search.so and placed in the dnxfirewall/dnx_iptools folder
Non DNX code dependencies/sources!
General Showcase Demo (outdated)
This video is extremely outdated, but still shows general functionality and some of the high level security implementations. an updated video will be created soon which will show the newly added modules: syslog client, standard logging, ips/ids, updated dns proxy functionality, updated ip proxy functionality, more.
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…