diff --git a/Makefile b/Makefile
index f77d256..e810a36 100644
--- a/Makefile
+++ b/Makefile
@@ -10,7 +10,11 @@ makeconf:
 $(info running makeconf.sh)
 $(SRC)makeconf.sh
 
-install: makeconf
+test: makeconf
+ $(info checking configuration for errors and possible optimizations)
+ nft -c -o -f $(SRC)$(NFT)
+
+install: test
 $(info backing up current nftables rules)
 cp /etc/nftables.conf $(SRC)backup.conf || nft list ruleset > $(SRC)backup.conf
 $(info installing new nftables rules)
diff --git a/README.md b/README.md
index 50c855a..a326058 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,31 @@
-# homemade_firewall
+## homemade_firewall
+My own hand-made firewall learning project with nftables.
 
-My own hand-made firewall learning project with nftables.
\ No newline at end of file
+### License
+This program is licensed under the Affero GNU Public License v3, you can read the copy that comes along with this program or read it at gnu.org's website
+
+### Dependencies
+The following is needed to setup this firewall:
+* nftables
+* make
+* support for nftables, forwarding and conntrack in kernel
+
+And the following to run the optional makeconf.sh script:
+* bash version 4+
+
+Because it makes use of bash arrays and integer variables introduced from that version onwards.
+
+### Usage
+To use this firewall, you must first change the `.nft` files to suit your setup.
+
+Once you're satisfied, run: `make makeconf` to generate your nftables.conf.
+
+Run the following command before installing `make test` so nftables can check for errors.
+
+If there are no errors, you can install and run with `make install`
+
+You can verify that your new rules are in place with `nft list ruleset`
+
+### Bug-reporting
+
+Try to register an account, wait to be approved and submit an issue. If I take too long to approve your account or I reject your application, you can send me an email at celsochan@disroot.org
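Review bot: Nothing in the Makefile hunk declares the new `test` target phony, so the `nft -c` check that now gates `install` can be skipped if up-to-date files named `test` and `makeconf` ever exist in the directory; unless a `.PHONY` line already sits outside the hunk, add `.PHONY: makeconf test install`. The `$(info …)` line in the `test` recipe is expanded by make rather than run by the shell, and GNU make expands a whole recipe before its first command starts, so in multi-command rules such as `install` every message prints up front; `@echo 'checking configuration for errors and possible optimizations'` keeps each message next to the command it describes. The `install` recipe continues past the end of the hunk, so whether it loads the same `$(SRC)$(NFT)` file that `test` validated cannot be confirmed from here.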