DFWFW (Docker Firewall Framework)
Tool and Usage
DFWFW, short of Docker Firewall Framework, offers easy administration of the iptables rules of Docker containers. It updates using event streams.
How it works
DFWFW uses event stream of the local Docker daemon. Any changes to the containers are received almost real-time, so the firewall rules can be adjusted where needed. The tool has a primary focus on the firewall rules of the primary network bridge. However, it does support injecting firewall rules for other network namespaces as well.
The license of this project is unclear. It states "The software is free for any purposes, but no responsibility."
Usage and audience
DFWFW is commonly used for firewall management. Target users for this tool are security professionals and system administrators.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
- - Full name of author is unknown
Supported operating systems
DFWFW is known to work on Linux.
Similar tools to DFWFW:
Assimilator is a firewall orchestration tool. It allows configuration and automation of firewall rules by proxy requests to different types of firewalls.
FireHOL is promoted as an iptables stateful packet filtering firewall for humans. It also comes with FireQOS, which a bandwidth shaper based on tc.
Anchore is a toolkit to perform in-depth container analysis, inspection, and controlling them. Among security scanning, it can do a wide range of functions.