AO firewalld

Java API for managing firewalld.

Features

  • Clean programmatic access to firewalld.
  • Supports fine-grained control over specific port and IP address combinations.
  • Manages sets of services because firewalld is limited to only one per service.
  • Optimizes arbitrary sets of ports and IP addresses into a minimal set of service files.
  • Small footprint, minimal dependencies - not part of a big monolithic package.

Motivation

The AOServ Platform allows opening ports on a per-IP basis. firewalld service files are limited to a single per service file. To selectively open ports on a per-IP basis, additional service files must be managed. This is tedious if done manually. We would rather firewalld support multiple tags with multiple per service file, but this is not currently a feature.

Our server configuration process, AOServ Daemon, is written in the Java programming language. We desire a clean interface to firewalld without having to operate with firewall-cmd and other commands directly.

Evaluated Alternatives

We were unable to find any existing implementations via GitHub, The Central Repository, or Google Search.