Profile-based, multi-layer, block-list Smart Home firewall, based on NFTables & NFQueue. Minimal version of smart-home-firewall, changed from an allow-list firewall to a block-list one.
Compile locally with:
./test/translator/translate.sh
mkdir build bin
cd build
cmake ..
cmake --build .or, more easily:
./test/translator/translate.sh
./build.shWe provide two Docker images to cross-compile for two OpenWrt targets:
- TP-Link TL-WDR4900: https://hub.docker.com/r/fdekeers/openwrt_tl-wdr4900
- Linksys WRT1200AC: https://hub.docker.com/r/fdekeers/openwrt_linksys-wrt1200ac
To pull either of them:
docker pull fdekeers/openwrt_tl-wdr4900
docker pull fdekeers/openwrt_linksys-wrt1200acTo run cross-compilation with either image:
docker run --rm --mount type=bind,source="$(pwd)",target=/home/user/iot-firewall -e ROUTER=tl-wdr4900 fdekeers/openwrt_tl-wdr4900 /home/user/iot-firewall/build.sh -t /home/user/iot-firewall/openwrt/tl-wdr4900.cmake
docker run --rm --mount type=bind,source="$(pwd)",target=/home/user/iot-firewall -e ROUTER=linksys-wrt1200ac fdekeers/openwrt_linksys-wrt1200ac /home/user/iot-firewall/build.sh -t /home/user/iot-firewall/openwrt/linksys-wrt1200ac.cmakeor use the Docker Compose configuration (by default, configured for the TP-Link WDR 4900):
docker compose up