Leopard Flower

0.4 RC3 GPL v3    
Application firewall for Linux OS





Leopard Flower is a personal firewall for Linux OSes (based on libnetfilter_queue) which allows to allow or deny Internet access on a per-application basis rather than on a port/protocol basis.

Leopard Flower (LPFW) gives the user control over which applications are allowed to use the network. It consist of a backend/daemon and a graphical frontend.

These instructions apply specifically to Ubuntu 10.10 but are very likely to work on other Linux distributions.

The following packaged must be installed for lpfw to work:

-  libnetfilter-queue
-  libnetfilter-conntrack
-  libnfnetlink

  1. Make sure files lpfw and lpfwgui are in the same folder
  2. In a terminal window launch "lpfw" as root
  3. In a terminal window of an X session launch "lpfw --gui" as a regular user (not root). You will see the graphical frontend.
  4. Is you prefer to use a command line frontend instead of the graphical one, issue "lpfw --cli" in a terminal window of an X session.

  1. If you don't want lpfw to look for lpfwcli/lpfwgui in the same folder, you can pass to lpfw a command line option --cli-path=/--gui-path= followed by a path to lpfwcli/lpfwgui
  2. If you want lpfw to start upon system boot-up, lpfw.conf is an upstart script which should be placed into /etc/init.(If your distro doen't use upstart, then the script should be adjusted to your distro's needs). This script expects to find lpfw in /usr/sbin
  3. 30-lpfw.conf can be placed into /etc/rsyslog.d if you want logs to go to syslog
  4. Assuming lpfw was launched either by upstart or manually as root, in a terminal window of an X session launch "lpfw --cli"/"lpfw --gui" as a regular user (not root). You will see an ncurses based/graphical frontend.(By default lpfwcli uses zenity popups. If you don't want to use zenity run ./lpfw --cli --no-zenity.

  These can be also seen with "lpfw --help".

  File to which rules are commited (default: /etc/lpfw.rules)

  Where to write logs. Possible values stdout(default), file, syslog

  If --logging_facility=file, then this is the file to which to write logging information. Default /tmp/lpfw.log

  Pidfile which prevents two instances of lpfw being launched at the same time. Default /var/log/lpfw.pid

  Path to lpfwcli ncurses frontend. It will be launched in xterm window. Default: in the same folder as lpfw

  Path to a standalone graphical frontend. Default: in the same folder as lpfw

  Path to python-based graphical frontend lpfwgui.py. It will be launched in python. Default: in the same folder as lpfw

  Enables different levels of logging. Possible values 1 or 0 for yes/no. Default: all three 1.

  To invoke a frontend, issue the following;
  lpfw --cli    Ncurses
  lpfw --gui    Standalone
  lpfw --guipy  Python-based
Last updated on December 22nd, 2011

0 User reviews so far.