From 25d71c4b942ee909f22de9171fb52fa52734b511 Mon Sep 17 00:00:00 2001 From: Domingo Dirutigliano Date: Sun, 9 Mar 2025 23:51:14 +0100 Subject: [PATCH] README: update --- README.md | 7 +++++-- backend/README.md | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 1e4e8b5..e932cdc 100644 --- a/README.md +++ b/README.md @@ -31,13 +31,16 @@ All the configuration at the startup is customizable in [firegex.py](./start.py) ## Functionalities -- Regex filtering using [NFQUEUE](https://netfilter.org/projects/libnetfilter_queue/doxygen/html/) with [nftables](https://netfilter.org/projects/nftables/) uses a c++ file that handle the regexes and the requests, blocking the malicius requests. PCRE2 regexes are used. The requests are intercepted kernel side, so this filter works immediatly (IPv4/6 and TCP/UDP supported) +- Regex filtering using [NFQUEUE](https://netfilter.org/projects/libnetfilter_queue/) with [nftables](https://netfilter.org/projects/nftables/) uses a c++ file that handle the regexes and the requests, blocking the malicius requests. PCRE2 regexes are used. The requests are intercepted kernel side, so this filter works immediatly (IPv4/6 and TCP/UDP supported) - Create basic firewall rules to allow and deny specific traffic, like ufw or iptables but using firegex graphic interface (by using [nftable](https://netfilter.org/projects/nftables/)) - Port Hijacking allows you to redirect the traffic on a specific port to another port. Thanks to this you can start your own proxy, connecting to the real service using the loopback interface. Firegex will be resposable about the routing of the packets using internally [nftables](https://netfilter.org/projects/nftables/) +- EXPERIMENTAL: Netfilter Proxy uses [nfqueue](https://netfilter.org/projects/libnetfilter_queue/) to simulate a python proxy, you can write your own filter in python and use it to filter the traffic. There are built-in some data handler to parse protocols like HTTP, and before apply the filter you can test it with fgex command (you need to install firegex lib from pypi). ## Documentation -Find the documentation of the backend and of the frontend in the related README files +Documentation about how the filters works, what features are available and how to use them are available on firegex interface. + +Heres a brief description about the firegex structure: - [Frontend (React)](frontend/README.md) - [Backend (FastAPI + C++)](backend/README.md) diff --git a/backend/README.md b/backend/README.md index 51cbaeb..644b41b 100644 --- a/backend/README.md +++ b/backend/README.md @@ -5,8 +5,8 @@ The backend of firegex is written with fastapi. The aim of the backend is to manage all the requests from the react front-end and manage also the proxy processes of the entire firewall. The fastapi webserver is responsable of deploying the react app. ![Firegex Working Scheme](../docs/FiregexInternals.png) -Schematic example about how firegex manage the TCP proxy filter +Schematic example about how firegex manage the filters -### Read the documentation of the API going at `/docs` path and see the automatic documentation generated by FastAPI +### Read the documentation of the API going at `/api/docs` path and see the swagger documentation of the API. ## [GO BACK](../README.md)