duduita opened a new pull request, #1399: URL: https://github.com/apache/incubator-nuttx-apps/pull/1399
## Summary This merge request aims to add a lightweight packet filter to NuttX, called iptlite (iptables lite), which was based on Linux firewall, iptables and netfilter. This first implementation was focused on the essential commands, such as adding a drop rule based on the 4-tuple (source IP address, destination IP address, source port and destination port), flush all rules and list all rules, for all ingress TCP packets. The implementation was divided in two parts: the iptlite app, the CLI to the user, and the nflite modules (netfilter lite), which will provide the APIs to the iptlite app, that can be seen in another MR on the incubator-nuttx repository. This project was considered the third-best security tool in the XXII Brazilian Symposium on Information Security and Computer Systems, and the [related paper](https://sol.sbc.org.br/index.php/sbseg_estendido/article/view/21705) was accepted by this conference as well. ## Impact This lightweight packet filter could be an additional security feature, especially in the IoT environment, allowing the users to adopt, for instance, a zero trust policy, consequently, denying all ingress packet filter, except by the preset ones. ## Testing In order to give more context about the implementation that it was made, this following link will show a [quick video demo](https://drive.google.com/file/d/18mRSa_Vd_XRkorHnBmdGTAF5x2dykjLR/view) of the project. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
