MEPCO SCHLENK ENGINEERING COLLEGE

(AUTONOMOUS), SIVAKASI
DEPARTMENT OF INFORMATION TECHNOLOGY

19IT551 – NETWORK LABORATORY

MINI PROJECT REPORT

IMPLEMENTATION OF FIREWALL
APPLICATION

ODD SEMESTER -2022

Submitted by

C. ASHWIN (202006013)
K. A HARI HARA SANKAR (202006021)

1|P a g e
 BONAFIDE CERTIFICATE

This is to certify that it is the bonafide work done by K.A. HARI

HARA SANKAR(20BIT046) And C.ASHWIN(20BIT040) for the mini
project titled “A FIREWALL SYSTEM” in the 19IT551- Networks Laboratory
At Mepco Schlenk Engineering College, Sivakasi during the year 2021-
2022.

.………………… …………………………
Faculty in-charge Head of the Department
Dr. S.Haseena, M.E, Ph.D Dr. T. Revathi, M.E, Ph.D.,
FACULTY IN-CHARGE HEAD OF THE DEPARTMENT
Assistant Professor(SL Grade) Senior Professor
Information Technology Information Technology
Mepco Schlenk Engineering College Mepco Schlenk Engineering College
Virudhunagar Dt. – 626 005 Virudhunagar Dt. – 626 005

2|P a g e
ACKNOWLEDGEMENT

I wish to record my deep sense of gratitude and profound thanks to

my research supervisor Dr. T. Revathi, Senior Professor & Head, Department
of Information Technology, Mepco Schlenk Engineering College
(Autonomous), Sivakasi, for her keen interest, inspiring guidance, constant
encouragement with my work during all stages, to bring this thesis into fruition.

I am extremely indebted to Dr. S. Arivazhagan, The Principal,

Mepco Schlenk Engineering College (Autonomous), Sivakasi, Dr.T.Revathi,
Senior Professor & HOD, Department of Information Technology,
MepcoSchlenk Engineering College (Autonomous), Sivakasi, Dr.S.Haseena
M.E,Ph.D Assistant Professor, Department of Information Technology for her
valuable suggestions and support during the course of my mini project work.

I also thank the faculty and non-teaching staff members of the

Department of Information Technology, Mepco Schlenk Engineering College
(Autonomous), Sivakasi, for their valuable support throughout the course of my
mini project work.

3|P a g e
 TABLE OF CONTENTS

S.NO TITLE PAGE NO

1 ABSTRACT 6
2 INTRODUCTION 8
3 ARCHITECTURE 11
4 FRONT END 15
5 PROTOCOLS 23
6 IMPLEMENTATION/CODING 31
7 SCREENSHOTS 42
8 CONCLUSION 46
9 REFERENCES 46

4|P a g e
 ABSTRACT

5|P a g e
ABSTRACT:

The firewall program that has been implemented acts as a client to the kernel of the
computer which acts as the server. The client side of the program is implemented, and the
server side is made of system calls that can bring out the actions that are required of this
firewall system. This application can be used to control the windows default firewall and can
also block traffic of both http and https protocols. The software can also block the internet
connectivity to the specified software in the system and can also block connections to domain
server. This application has been designed to work under any WINDOWS system and

The goal of our project is to implement the protective features of a firewall and block
connections to and from the system in which the software is running.

6|P a g e
 INTRODUCTION

7|P a g e
INTRODUCTION:

Development of a firewall system that utilizes the kernels network control abilities
and blocks the incoming and outgoing requests from the system. The system works on both
the network and transport layers. Network firewalls implement limited connectivity between
an internal network and the Internet and networks of other partner organizations, permitting
only the necessary communication and can also limit connections from and to a domain
naming system. The kind of firewall as a part of the project is not a standalone firewall and
works with the kernel to block requests and network connections. Therefore, the firewall
works in the application layer of the OSI model. Application layer firewalls uses a series of
configurations to determine whether to block or allow communications to or from an app.
These kinds of configurations can be saved directly from the software and can also be
implemented to the software. All the connections made to the kernel are TCP connections
involving multiple daemons running under multiple ports in the system.

PURPOSE:
On exhilarating development of networking technologies brings along dangerous
attacks that must be protected from the system. A firewall is a mandatory tool to block
signals that are not guaranteed as safe or secure. The firewall system can take over the entire
network security of the system and enhance the protection of the system.

SCOPE:
The objective of the project is to implement the firewall which can be used to block
dangerous or harmful requests signals and domains. It can also be used to prevent
applications running on our system to access the network.

Definitions, Acronyms and Abbreviations:

 Daemon: a computer program that runs as a background process waiting for

requests through a system call.
 Client: it is like a person request for service. Where they can communicate when
they like to communicate.

8|P a g e
  Server: it is person who can accepts a connection when requested by the client to
make communication.
 n/w: network it is a combination of nodes where each node correspond to each
system.
 s/w: system which indicates each client and server.
 Ip address: this is the address of the server given to the system when it request to
have internet connection.
 TCP: transport communication protocol.
 netsh : a command-line scripting utility that allows the modification of the
network configuration
 OSI: open system interconnection model
 Thread: it used to for multiple connection from many servers.
 MySQL: Database that is used to store the records of all the activities done using
the firewall

9|P a g e
 ARCHITECTURE

ARCHITECTURE:
An ISO standard that covers all aspects of the network communications is the Open
System Interconnection(OSI) model.
An open system is a set of protocols that allows any two different systems to
communicate regardless of their underlying architecture. The purpose of the OSI model is to
show how to facilitate communication between different systems requiring changes to the

10 | P a g e
logic of the underlying hardware and software. It is not a protocol; it is a model for
understanding and designing a network architecture that is flexible ,robust and interoperable.
It is a layered framework for the design of the network systems that allows communication
between all type of computer system.

Physical Layer:
It handles the transmission of raw bits over a communications link. Physical layer is
the only layer of OSI network model which actually deals with the physical connectivity of
two different stations.
Data Link Layer:
It layer then collects a stream of bits into a larger aggregate called a frame. Network
adaptors, along with device drivers running in the node’s OS, typically implement the data
link level. This means that frames, not raw bits, are actually delivered to hosts.
Network Layer:
It handles routing among nodes within a packet-switched network. At this layer, the
unit of data exchanged among nodes is typically called a packet rather than a frame, although
they are fundamentally the same thing. The lower three layers are implemented on all
network nodes, including switches within the network and hosts connected along the exterior
of the network.
Transport Layer:
It implements what we have up to this point been calling a process-to-process
channel. Here, the unit of data exchanged is commonly called a message rather than a packet
or a frame. The transport layer and higher layers typically run only on the end hosts and not
on the intermediate switches or routers. There is less agreement about the definition of the
top three layers.
Presentation Layer :
It is concerned with the format of data exchanged between peers, for example,
whether an integer is 16, 32, or 64 bits long and whether the most significant bit is
transmitted first or last, or how a video stream is formatted.
Session Layer:
It provides a name space that is used to tie together the potentially different transport
streams that are part of a single application .The architecture suitable for the project is client
server architecture because one server should maintain all details about client whereas
multiple client is try to access the server and utilize the server in different ways.

11 | P a g e
Application Layer:
An application layer is an abstraction layer that specifies the shared communications
protocols and interface methods used by hosts in a communications network. It uses protocols
including things like the File Transfer Protocol (FTP), which defines a protocol by which file
transfer applications can interoperate.

Description of selected architecture:

The architecture suitable for this project is client server hence it is explained as
follows;
 The firewall is built as a client application which can request the kernel and the
daemons of the system to perform the required activity. The servers or daemons will
be running continuously waiting for request and the client only runs when a request is
being made.
 Communication at the application layer is between two running application programs
called processes. Application layer is the highest level of open systems, providing
services directly for the application process.
 The client is running program that initializes the communication by sending a
request. The client in this project must be executed with a higher privilege, as the
software needs to use the system calls that are specific to the systems and interact
directly with the kernel.
 Server is another running program that waits for a request from a client and respond
according to the request.
 Client run in one system where as server may be in another system there is no
problem in communication in these case socket plays a important role and it is
explained in further pages. This is illustrated in the cases of DNS which has multiple
servers at different locations and all the connections to all these servers should be
blocked to stop the connection from reaching the DNS. This kinf of mechanism is
implied in the software.
 A client is finite it send a finite number of request to the server and get a respond
from server and then client stop. The client may encounter error messages and in such
cases, the error message will be displayed to the user.
 The database server that is used in the program is connected using a system driver
and will be ready to execute any queries.
 The database stores all the activities that have been executed using the the firewall

12 | P a g e
 software.
 Application programming interface is a set of instructions that will communicate to
lowest four layers of tcp/ip protocol.
 To open a communication, send or receive data from any client or server and close
the communication.
 These kind of set of instruction is called as Application program interface.
 Storing configuration is possible with the firewall application. This is important as we
don’t have to configure every time we use the application. The configurations are
stored as an wfw file.
 The configurations can be imported the next time the application may be used. This is
made possible because of the scripting ability of the netsh command.
 The HTTP or HTTPS protocols can be blocked by using the firewall and can be
unblocked whenever needed through the application.
 The windows firewall can be controlled through the software with the help of
application layer.

13 | P a g e
 FRONT END

14 | P a g e
FRONT END:
The front end is the part of the program that interact with the user and is designed for
the ease of use of the user. Python is a powerful programming language that has a very easy
syntax. It has efficient high-level data structures and a simple but effective approach to
object-oriented programming. Python’s elegant syntax and dynamic typing, together with its
interpreted nature, make it an ideal language for scripting and rapid application development
in many areas on most platforms.

A python library called Tkinter is used for the development of the front end of the
project. Tkinter is a GUI (Graphical User Interface) in Python which can be used to develop
simple and user-friendly front-end designs.

The tkinter library uses different widgets to style the user interface. Widget is an
element of Graphical User Interface (GUI) that displays/illustrates information or gives a way
for the user to interact with the OS.

There features of python that makes the python programming language highly
applicable to the development of the firewall project is as follows,

 Simple
 Object-Oriented
 Integrated language
 Secured
 Robust
 High-Level Language
 Portable
 GUI Programming Support
 Portable language
 High Performance
 Dynamically Typed
 Large Standard Library
 Large Developer community

15 | P a g e
Object-oriented:

Object-oriented means we organize our software as a combination of different types of

objects that incorporates both data and behavior.
Object-oriented programming(OOPs) is a methodology that simplify software development
and maintenance by providing some rules.
Basic concepts of OOPs are:
1. Object
2. Class
3. Inheritance
4. Polymorphism
5. Abstraction
6. Encapsulation

GUI Programming Support:

Tkinter comes baked into current Python installers for all major operating systems and

offers a host of commonly used elements that we’re sure you must be familiar with. Some of

those visual elements have been listed below:

● Frame: for providing a structure to your application

● Buttons: used for taking input from the user

● Check buttons: used for making selections

● Labels: for displaying textual information

● File Dialogs: for uploading or downloading files to/from the application

● Canvas: provides a space for drawing/painting things like graphs and plots

Portable:
A portable language is a computer programming language capable of developing software

16 | P a g e
for more than one computer system.

17 | P a g e
 PROTOCOLS

18 | P a g e
PROTOCALS:
TCP
The service provided by TCP to an application is different from the service provided
by UDP.
TCP provides connections between clients and servers. A TCP client establishes a
connection with a given server, exchange data with that server across that connection.

This reveals why we have chosen the TCP protocol instead of UDP protocol.
The second transport layer protocol we discuss in this chapter is called Transmission Control
Protocol (TCP). TCP, like UDP, is a process-to-process (program-to-program) protocol. TCP,
therefore, like UDP, uses port numbers. Unlike UDP, TCP is a connectionoriented protocol;
it creates a virtual connection between two TCPs to send data. In addition, TCP uses flow and
error control mechanisms at the transport level. In brief, TCP is called a connection-oriented,
reliable transport protocol. It adds connection-oriented and reliability features to the services
of IP.

HTTP Protocol
HTTP clients generally use Transmission Control Protocol (TCP) connections to
communicate with servers.
HTTP utilizes specific request methods in order to perform various tasks. All HTTP servers
use the GET and HEAD methods, but not all support the rest of these request methods:

 GET requests a specific resource in its entirety

 HEAD requests a specific resource without the body content
 POST adds content, messages, or data to a new page under an existing web resource
 PUT directly modifies an existing web resource or creates a new URI if need be
 DELETE gets rid of a specified resource
 TRACE shows users any changes or additions made to a web resource
 OPTIONS shows users which HTTP methods are available for a specific URL
 CONNECT converts the request connection to a transparent TCP/IP tunnel

19 | P a g e
  PATCH partially modifies a web resource

Reliable Service in TCP

TCP is a reliable transport protocol. It uses an acknowledgment mechanism to check the safe
and sound arrival of data. We will discuss this feature further in the section on error control.

Flow Control
TCP, unlike UDP, provides flow control. The receiver of the data controls the amount
of data that are to be sent by the sender. This is done to prevent the receiver from being
overwhelmed with data. The numbering system allows TCP to use a byte-oriented flow
control.

Https protocol
Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, which is the
primary protocol used to send data between a web browser and a website. HTTPS is
encrypted in order to increase security of the data transfer.

HTTPS uses an encryption protocol to encrypt communications. The protocol is called

Transport Layer Security (TLS), although formerly it was known as Secure Sockets Layer
(SSL). This protocol secures communications by using what’s known as an asymmetric
public key infrastructure. This type of security system uses two different keys to encrypt
communications between two parties:

 The private key - this key is controlled by the owner of a website and it’s kept, as the
reader may have speculated, private. This key lives on a web server and is used to
decrypt information encrypted by the public key.
 The public key - this key is available to everyone who wants to interact with the
server in a way that’s secure. Information that’s encrypted by the public key can only
be decrypted by the private key.

Error Control
To provide reliable service, TCP implements an error control mechanism. Although
error control considers a segment as the unit of data for error detection (loss or corrupted

20 | P a g e
segments), error control is byte-oriented, as we will see later.

DNS Server
The Domain Name System (DNS) is the phonebook of the Internet. When users type domain
names such as ‘google.com’ or ‘nytimes.com’ into web browsers, DNS is responsible for
finding the correct IP address for those sites. Browsers then use those addresses to
communicate with origin servers or CDN edge servers to access website information. This all
happens thanks to DNS servers: machines dedicated to answering DNS queries.

DNS Blocking
A DNS block is a mechanism that allows you to prevent access to certain web pages on the
server. The technology was originally designed to help defend against spam and phishing
attacks by blocking known suspicious IP addresses.
A DNS block works by removing the IP address name from the “phonebook” on your server..
As a result, blockers disable your server from locating web pages. To block whole genres of
web pages, like piracy sites, DNS blocking services can set your server to forget large swaths
of IP addresses that fit certain criteria. This breaks the communication between the IP server
and the user’s device.

The windows firewall:

The Windows Firewall is used to protect your Windows system from network-based threats.
You can control who has access to your system and what access is granted.
The basic Windows Firewall settings may be accessed and configured straight from the
software.

■ Allow a program or feature through Windows Firewall – This configures the rules for
applications and features to go through the Windows Firewall depending on the network
location.

■ Change notification settings – This turns the Windows Firewall on or off, can block all
incoming connections, and can be set to notify the user when something is blocked.

■ Turn Windows Firewall on or off

21 | P a g e
Packet Capture

Packet sniffing is a method of tapping each packet as it flows across the network; i.e., it is a
technique in which a user sniffs data belonging the network layer of the network. The
application uses them for monitoring and validating network traffic. The application capture
packets through the scapy library in python and display it to the users.

Sockets for packet capture

Creating the socket

Sockets allow communication between two different processes on the same or different
machines. To be more precise, it's a way to talk to other computers using standard Unix file
descriptors. In Unix, every I/O action is done by writing or reading a file descriptor. A file
descriptor is just an integer associated with an open file and it can be a network connection, a
text file, a terminal, or something else.

A socket can be created with the socket library in python. The following code can be used to
create a socket

def __init__(self,

family=socket.AF_INET, # type: int

type=socket.SOCK_STREAM, # type: int):

self.ins = socket.socket(family, type, proto) # type: socket.socket

Bind Socket

 The bind() method of Python's socket class assigns an IP address and a port number to
a socket instance.
 The bind() method is used when a socket needs to be made a server socket.
 As server programs listen on published ports, it is required that a port and the IP
address to be assigned explicitly to a server socket.

if self.ins is not None:

iface = network_name(iface)

22 | P a g e
 self.iface = iface

self.ins.bind((iface, type))

Send Data

The send()method of Python's socket class is used to send data from one socket to another
socket.

The send()method can only be used with a connected socket. That is, send() can be used only
with a TCP based socket and it can not be used with UDP socket.

The send() method can be used to send data from a TCP based client socket to a TCP based
client-connected socket at the server side and vice versa.

The data sent should be in bytes format. String data can be converted to bytes by using the
encode() method of string class.

def send(self, x):

try:

x.sent_time = time.time()

except AttributeError:

pass

if self.outs && x:

self.ins.send(x)

Receive Data

The recv() can receive only a specified number of bytes into a string buffer. If the incoming
data is larger than the buffer size then only the part of the data is received, and rest gets lost.

def _recv_raw(self, sock, x):

pkt, sa_ll = sock.recvfrom(x)

23 | P a g e
24 | P a g e
 IMPLEMENTATION/CODING

IMPLEMENTATION:

SERVER:
import ctypes
import os
import subprocess
import tkinter as tk
from tkinter import filedialog as fd

25 | P a g e
from tkinter import messagebox as mb
import mysql.connector

mydb = mysql.connector.connect(
host="localhost",
user="root",
password="Sindhu123$",
database="firewall"

)
mycursor = mydb.cursor()

print(mydb)

def run_cmd(cmd):

cmd_struct = subprocess.run(cmd, stdout=subprocess.PIPE, encoding='866')

if cmd_struct.returncode == 0:
mb.showinfo(title=None, message="Successfully")
print("----------successful---------")
print()
else:
mb.showerror(title=None, message="Error while executing")
print("----------ERROR----------")
print(cmd_struct.stdout.replace("\n", ""))
print()

def is_admin():

try:
return os.getuid() == 0
except AttributeError:
return ctypes.windll.shell32.IsUserAnAdmin() != 0

if not is_admin(): # checks if the script is running as administrator

mb.showerror('Error', 'Run as administrator')

def get_ips(domenname):

cmd = ["nslookup", domenname]

result = subprocess.run(cmd, stdout=subprocess.PIPE, encoding='866')
try:
starts = result.stdout.rindex("Addresses:") + 10
ends = len(result.stdout)
ip = result.stdout[starts + 1:ends]
ip = ip.replace("\n", "")
ip = ip.replace(" ", "")

26 | P a g e
 ip = ip.split("\t")
return ip
except ValueError:
starts = result.stdout.rindex("Address:") + 8
ends = len(result.stdout)
ip = result.stdout[starts + 1:ends]
ip = ip.replace("\n", "")
ip = ip.replace(" ", "")
ip = [ip]
return ip

def enable_firewall():

cmd = ["netsh", "advfirewall", "set", "allprofiles", "state", "on"]

mycursor.execute("INSERT INTO records(activity,time) VALUES('enabling
firewall', CURRENT_TIMESTAMP());")
mydb.commit()
run_cmd(cmd)

def disable_firewall():

cmd = ["netsh", "advfirewall", "set", "allprofiles", "state", "off"]

run_cmd(cmd)
mycursor.execute("INSERT INTO records(activity,time) VALUES('Disabling
firewall', CURRENT_TIMESTAMP());")
mydb.commit()

def reset_firewall():

cmd = ["netsh", "advfirewall", "reset"]

run_cmd(cmd)
print("ads")
mycursor.execute("INSERT INTO records(activity,time) VALUES('firewall
resetted', CURRENT_TIMESTAMP());")
mydb.commit()

def firewall_block_all():
cmd = ["netsh", "advfirewall", "set", "allprofiles", "firewallpolicy",
"blockinbound,blockoutbound"]
run_cmd(cmd)
mycursor.execute("INSERT INTO records VALUES ('Blocking all incoming
connections', CURRENT_TIMESTAMP());")
mydb.commit()
pass

27 | P a g e
def block_http_port():
cmd = ["netsh", "advfirewall", "firewall", "add", "rule", 'name="HTTP-block"',
"protocol=TCP", "remoteport=80",
"action=block", "dir=OUT"]
mycursor.execute("INSERT INTO records VALUES ('Blocking incoming http
traffic', CURRENT_TIMESTAMP());")
mydb.commit()
run_cmd(cmd)

def unblock_http_port():
cmd = ["netsh", "advfirewall", "firewall", "delete", "rule", 'name="HTTP-block"']
mycursor.execute("INSERT INTO records VALUES ('unblocking http traffic',
CURRENT_TIMESTAMP());")
mydb.commit()
run_cmd(cmd)

def block_https_port():
cmd = ["netsh", "advfirewall", "firewall", "add", "rule", 'name=HTTPS-block',
"protocol=TCP", "remoteport=443",
"action=block", "dir=OUT"]
run_cmd(cmd)
mycursor.execute("INSERT INTO records VALUES ('Blocking incoming https
traffic', CURRENT_TIMESTAMP());")
mydb.commit()

def unblock_https_port():
cmd = ["netsh", "advfirewall", "firewall", "delete", "rule", 'name=HTTPS-block']
run_cmd(cmd)
mycursor.execute("INSERT INTO records VALUES ('UNBlocking incoming http
traffic', CURRENT_TIMESTAMP());")
mydb.commit()

def save_config():
try:
file_path = fd.asksaveasfilename(filetypes=[("Windows firewall", "*.wfw")])
cmd = ["netsh", "advfirewall", "export", file_path]
run_cmd(cmd)
except:
mb.showerror("Error", "An error occurred while saving")

def import_config():

try:
filepath = fd.askopenfilename(

28 | P a g e
 filetypes=[("All files", "*.*"), ("Windows firewall", "*.wfw")]
)

if not filepath:
mb.showerror("ERROR", "ERROR IN CONF")
return

cmd = ["netsh", "advfirewall", "import", filepath]

run_cmd(cmd)
except:
mb.showerror()("Error", "An error occurred while importing the configuration")

def about():

about_window = tk.Tk()
about_window.config(bg="white")
about_window.iconbitmap('favicon.ico')

w = about_window.winfo_screenwidth()
h = about_window.winfo_screenheight()
w = w // 2
h = h // 2
w = w - 200
h = h - 300
about_window.geometry('290x60+{}+{}'.format(w, h))

about_window.resizable(False, False)
about_window.title("About the program")

label2 = tk.Label(text="The program configures the firewall",

master=about_window,
background="white",
foreground="black",
)
label2.pack()
about_window.mainloop()

def app_access():
file_str = ""

def block_app():
nonlocal file_str

cmd = ["netsh", "advfirewall", "firewall", "add", "rule",

'name="App block"', "dir=out", 'program=""',
"action=block"]
cmd[5] = 'name="{}"'.format(file_str[file_str.rfind('\\') + 1:])
cmd[7] = 'program="{}"'.format(file_str)

29 | P a g e
 os.system(' '.join(cmd))
cmd[6] = "dir=in"
os.system(' '.join(cmd))
mycursor.execute("INSERT INTO records VALUES ('Blocking"+file_str+"',
CURRENT_TIMESTAMP());")
mydb.commit()
mb.showinfo(title=None, message="ОК")

def unblock_app():
cmd = ["netsh", "advfirewall", "firewall", "delete", "rule", 'name={}']
cmd[5] = 'name="{}"'.format(file_str[file_str.rfind('\\') + 1:])
mycursor.execute("INSERT INTO records VALUES ('UnBlocking "+file_str+"',
CURRENT_TIMESTAMP());")
mydb.commit()
run_cmd(cmd)

def get_file_path():
nonlocal file_str
file_str = fd.askopenfilename(
filetypes=[("Executable", "*.exe")]
)

file_str = file_str.replace("/", "\\")

app_access_window = tk.Tk()
app_access_window.config(bg="white")
w = app_access_window.winfo_screenwidth()
h = app_access_window.winfo_screenheight()
w = w // 2
h = h // 2
w = w + 100
h = h - 200
app_access_window.geometry('273x78+{}+{}'.format(w, h))
app_access_window.iconbitmap('favicon.ico')
app_access_window.resizable(False, False)
app_access_window.title("Access to Internet programs")

file_path_btn = tk.Button(
app_access_window,
background="black",
foreground="white",
text="Select .exe",
width=38,
height=1,
command=get_file_path
).grid(row=0, column=0)

button_app_on = tk.Button(
app_access_window,
background="black",

30 | P a g e
 foreground="white",
text="Block internet access",
width=38,
height=1,
command=block_app
).grid(row=1, column=0)

button_app_off = tk.Button(
app_access_window,
background="black",
foreground="white",
text="Unblock internet access",
width=38,
height=1,
command=unblock_app
).grid(row=2, column=0)

app_access_window.mainloop()

def help_page():

# TODO
Pass

PACKET SNIFFING

import scapy.all as sc
def capture() :
capture = sc.sniff(filter="tcp",count=50)
ll=[]
for p in capture:
a = p.summary()
ll.append(a)
print(a)
return "\n".join(ll)

CLIENT

from handler import *

from sniffer import capture

31 | P a g e
def block_site():
domen = domen_string.get()
ips = get_ips(domen)
cmd = ["netsh", "advfirewall", "firewall", "add", "rule", 'name="{site_name}"',
"protocol=TCP", "remoteport=80",
"action=block", "dir=OUT", "remoteip={site_ip}"]

if len(ips) > 1:
for ip_address in ips:
cmd[5] = "name=block " + domen
cmd[10] = "remoteip=" + ip_address
run_cmd(cmd)
cmd[7] = "remoteport=443"
run_cmd(cmd)
cmd[7] = "remoteport=80"

mb.showinfo(title=None, message="Successfully")
elif len(ips) == 1:
cmd[5] = "name=block " + domen
cmd[10] = "remoteip=" + ips[0]
run_cmd(cmd)
cmd[7] = "remoteport=443"
run_cmd(cmd)
mb.showinfo(title=None, message="Successfully")
else:
mb.showerror("Error", "Error while blocking " + domen)

def unblock_site():

name = 'name=block ' + domen_string.get()

cmd = ["netsh", "advfirewall", "firewall", "delete", "rule", name]
run_cmd(cmd)

32 | P a g e
def get_pack():
print("GETIING packets")
text=capture()
text_area.insert(tk.END,str(text),"Asd")

window = tk.Tk()

window.title("Firewall")
window.minsize(600, 600)

# set maximum window size value

window.maxsize(1280, 800)
window.config(bg="#d6fff6")
# master.configure(background='SteelBlue1')
window.iconbitmap('favicon.ico')

w = window.winfo_screenwidth()
h = window.winfo_screenheight()

# w = w // 2
# h = h // 2
# w = w - 200
# h = h - 200
#
#
# window.geometry('290x403+{}+{}'.format(w, h))

# window.resizable(False, False)

mainmenu = tk.Menu(window)
window.config(menu=mainmenu)

33 | P a g e
configmenu = tk.Menu(mainmenu, tearoff=0)
configmenu.add_command(label="Save configuration", command=save_config)
configmenu.add_command(label="Import Configuration", command=import_config)
configmenu.add_separator()
configmenu.add_command(label="Exit", command=exit)

helpmenu = tk.Menu(mainmenu, tearoff=0)

helpmenu.add_command(label="About the program", command=about)

main_frame = tk.Frame(window)
main_frame.grid(row=0, column=0, sticky="nswe")
main_frame.columnconfigure(0, weight=3)
main_frame.columnconfigure(1, weight=4)
left_frame = tk.Frame(main_frame)
left_frame.grid(row=0, column=0, sticky="nswe")
right_frame = tk.Frame(main_frame)
right_frame.grid(row=0, column=1, sticky="nswe")
Firewall_label = tk.Label(left_frame,
text="Firewall",
background="white",
foreground="black",
font=("Times", "15", "bold")
).grid(row=0, column=0, columnspan=3)

button_firewall_on = tk.Button(
left_frame,
background="black",
foreground="white",
text="On",
width=29,
height=2,
command=enable_firewall

34 | P a g e
).grid(row=1, column=0)

button_firewall_off = tk.Button(
left_frame,
background="black",
foreground="white",
text="Off",
width=29,
height=2,
command=disable_firewall
).grid(row=1, column=1)

button_firewall_reset = tk.Button(
left_frame,
background="black",
foreground="white",
text="Reset",
width=29,
height=2,
command=reset_firewall
).grid(row=2, column=0,sticky="nswe")

button_firewall_block = tk.Button(
left_frame,
background="black",
foreground="white",
text="Block all",
width=29,
height=2,
command=firewall_block_all
).grid(row=2, column=1,sticky="nswe")

35 | P a g e
block_http_label = tk.Label(
left_frame,text="HTTP traffic",
background="#e8b97b",
foreground="black",
font=("Times", "12", "bold")
).grid(row=3, column=0, columnspan=2,sticky="nswe")

button_http_on = tk.Button(
left_frame,
background="black",
foreground="white",
text="block",
width=50,
height=2,
command=block_http_port
).grid(row=4, column=0, columnspan=2,sticky="nswe")

button_http_off = tk.Button(
left_frame,
background="black",
foreground="white",
text="Unlock",
width=50,
height=2,
command=unblock_http_port
).grid(row=5, column=0, columnspan=2,sticky="nswe")

block_https_label = tk.Label(left_frame,text="HTTPS traffic",

background="white",
highlightcolor="black",
highlightthickness=1,
bg="#e8b97b",
foreground="black",

36 | P a g e
 font=("Times", "12", "bold")
).grid(row=6, column=0, columnspan=2,sticky="nswe")

button_https_on = tk.Button(
left_frame,
background="black",
foreground="white",
text="block",
width=50,
height=2,
command=block_https_port
).grid(row=7, column=0, columnspan=2,sticky="nswe")

button_https_off = tk.Button(
left_frame,
background="black",
foreground="white",
text="Unlock",
width=50,
height=2,
command=unblock_https_port
).grid(row=8, column=0, columnspan=2,sticky="nswe")

block_app_lbl = tk.Label(left_frame,text="Application",
background="white",
foreground="black",
bg="#e8b97b",
font=("Times", "12", "bold")
).grid(row=9, column=0, columnspan=2,sticky="nswe")

app_app_btn = tk.Button(
left_frame,

37 | P a g e
 background="black",
foreground="white",
text="Select application",
width=50,
height=2,
command=app_access
).grid(row=10, column=0, columnspan=2,sticky="nswe")

block_domen_lbl = tk.Label(left_frame,text="Domain",
background="white",
foreground="black",
bg="#e8b97b",
font=("Times", "12", "bold")
).grid(row=11, column=0, columnspan=2,sticky="nswe")

domen_string = tk.StringVar(window)

domen_txt = tk.Entry(window,
width=80,
bg="pink",
fg="black",
justify="center",
textvariable=domen_string
).grid(row=12, column=0, columnspan=2,sticky="nswe")

domen_block_btn = tk.Button(
left_frame,
background="black",
foreground="white",
text="block",
width=50,
height=2,
command=block_site

38 | P a g e
).grid(row=13, column=0, columnspan=2,sticky="nswe")

domen_unblock_btn = tk.Button(
left_frame,
background="black",
foreground="white",
text="Unlock",
width=50,
height=2,
command=unblock_site
).grid(row=14, column=0, columnspan=2,sticky="nswe")

printButton = tk.Button(left_frame,
background="black",
foreground="white",
text ="GET_PACKETS",
justify="center",
command = get_pack).grid(row=16, column=0,
columnspan=2,sticky="nswe")
text_area = tk.Text(
right_frame,
height=70,
width=100,
background="#e8b97b",
foreground="black",
font=("Times", "12", "bold")
)
text_area.grid(row=0,column=2,sticky="ns")
window.mainloop()

39 | P a g e
40 | P a g e
 SCREENSHOTS

41 | P a g e
 Figure1-Home Page
The home page of the firewall software with all the features featuring in the
software.

42 | P a g e
 Figure2-Turn off firewall
Image of turning off the windows firewall using the software and the
notification sent by the system.

43 | P a g e
 Figure 3-Block HTTPS traffic
Blocking of HTTPS traffic in the system through the software and image of
inability to access the internet using the https protocol.

44 | P a g e
 Figure 4- Block internet access to application
Preventing the internet access to a software(executable) in the system.

45 | P a g e
 Figure 5-Blocking DNS
Blocking the DNS of the site wikepedia.org. After blocking the DNS of the site,
no domains of the website can be accessed through the internet of the system.

Figure 6- Capturing Packets

Capturing the packets in the TCP stream and displaying them in a text box.

46 | P a g e
 CONCLUSION

47 | P a g e
CONCLUSION:
The firewall application is made to understand the working of an industrial
level firewall application and how we can block services like HTTP, HTTPS and DNS. The
application also captures packets in the TCP stream. The project can be further improvised by
applying machine learning for analyzing the captured packets.

REFERENCES:
 https://support.microsoft.com/en-au/windows
 https://www.webopedia.com/definitions/windows-firewall
 https://www.cloudflare.com/learning/dns/
 Docs.oracle.coms
 https://www.wikipedia.org/

48 | P a g e