|
|
The page describe how to compile the Douane firewall on your machine.
|
|
|
|
|
|
## Dependencies
|
|
|
|
|
|
In order to compile Douane, it is necessary to install a number of libraries before building. Further information on dependencies is given at [https://github.com/Douane/Douane/wiki/Dependencies](https://github.com/Douane/Douane/wiki/Dependencies)
|
|
|
|
|
|
## Compilation area
|
|
|
|
|
|
In order to keep your machine clean, I recommend you to create a folder where all the source codes will be downloaded and compiled:
|
|
|
|
|
|
cd
|
|
|
mkdir Douane
|
|
|
cd Douane/
|
|
|
|
|
|
## Source Code Manager
|
|
|
|
|
|
All the following steps will need the `git` scm. The package is named `git`.
|
|
|
|
|
|
## The kernel module (unsigned instructions)
|
|
|
|
|
|
This is the very first step in order to install the firewall. The kernel module is written with DKMS, and a Makefile has been written in order to easy the installation:
|
|
|
|
|
|
git clone https://github.com/Douane/douane-dkms
|
|
|
cd douane-dkms
|
|
|
sudo make dkms
|
|
|
|
|
|
The last command will copy/compile/install and load the kernel module on your machine. As it is a DKMS module, next time you install a new kernel, the Douane kernel module will be re-compiled against the new kernel automatically.
|
|
|
|
|
|
## The kernel module (signed instructions)
|
|
|
|
|
|
Some machines use an UEFI security feature known as Secure Boot. Most manufacturers will have it enabled by default. If Secure Boot is enabled, following the instructions above will result in an error saying that _**the module has not been signed with an appropriate key**_.
|
|
|
|
|
|
If you get this error, you can either:
|
|
|
* [sign the module by following these instructions](https://github.com/Douane/Douane/wiki/Signing-douane-dkms-module)
|
|
|
* or go into the UEFI menu and disable Secure Boot.
|
|
|
|
|
|
## The daemon
|
|
|
|
|
|
Next you need the daemon:
|
|
|
|
|
|
cd ~/Douane
|
|
|
git clone --recursive https://github.com/Douane/douane-daemon
|
|
|
cd douane-daemon
|
|
|
make
|
|
|
sudo make install
|
|
|
|
|
|
## The dialog process
|
|
|
|
|
|
As I'm a GNOME fan, I'm developing GNOME applications. So the official dialog window (screenshots shown on the [Douaneapp.com](http://douaneapp.com) website and [the Github main repository](/Douane/Douane)) is a GTK process.
|
|
|
|
|
|
cd ~/Douane
|
|
|
git clone --recursive https://github.com/Douane/douane-dialog
|
|
|
cd douane-dialog
|
|
|
make
|
|
|
sudo make install
|
|
|
|
|
|
Now you need to start it:
|
|
|
|
|
|
/opt/douane/bin/douane-dialog &
|
|
|
|
|
|
And you should probably see it quit immediately.
|
|
|
|
|
|
## The configurator
|
|
|
|
|
|
Finally, in order to start/stop the firewall, and manage the rules, you'll need the configurator.
|
|
|
|
|
|
**Please note that you must run the setup.py install with python 3.**
|
|
|
|
|
|
cd ~/Douane
|
|
|
git clone https://github.com/Douane/douane-configurator
|
|
|
cd douane-configurator
|
|
|
sudo python3 setup.py install
|
|
|
|
|
|
Now you should got a Douane application in your applications.
|
|
|
|
|
|
## Starting the Douane
|
|
|
|
|
|
Now you need to start it:
|
|
|
|
|
|
systemctl daemon-reload
|
|
|
sudo service douane start
|
|
|
|
|
|
From this point on, all your applications are blocked from using the network.
|
|
|
You can already see the daemon activities from the Douane log file:
|
|
|
|
|
|
tail -f /var/log/douane.log
|
|
|
|
|
|
## Debugging
|
|
|
|
|
|
In the case you're facing issues, have a look at [the Debugging Wiki page](https://github.com/Douane/Douane/wiki/Debugging). |
|
|
\ No newline at end of file |
|
|
The page describe how to compile the Douane firewall on your machine.
|
|
|
|
|
|
## Dependencies
|
|
|
|
|
|
In order to compile Douane, it is necessary to install a number of libraries before building. Further information on dependencies is given in the [Dependencies](/Dependencies) wiki page.
|
|
|
|
|
|
## Compilation area
|
|
|
|
|
|
In order to keep your machine clean, I recommend you to create a folder where all the source codes will be downloaded and compiled:
|
|
|
|
|
|
cd
|
|
|
mkdir Douane
|
|
|
cd Douane/
|
|
|
|
|
|
## Source Code Manager
|
|
|
|
|
|
All the following steps will need the `git` scm. The package is named `git`.
|
|
|
|
|
|
## The kernel module (unsigned instructions)
|
|
|
|
|
|
This is the very first step in order to install the firewall. The kernel module is written with DKMS, and a Makefile has been written in order to easy the installation:
|
|
|
|
|
|
git clone https://gitlab.com/douaneapp/douane-dkms.git
|
|
|
cd douane-dkms
|
|
|
sudo make dkms
|
|
|
|
|
|
The last command will copy/compile/install and load the kernel module on your machine. As it is a DKMS module, next time you install a new kernel, the Douane kernel module will be re-compiled against the new kernel automatically.
|
|
|
|
|
|
## The kernel module (signed instructions)
|
|
|
|
|
|
Some machines use an UEFI security feature known as Secure Boot. Most manufacturers will have it enabled by default. If Secure Boot is enabled, following the instructions above will result in an error saying that _**the module has not been signed with an appropriate key**_.
|
|
|
|
|
|
If you get this error, you can either:
|
|
|
* [sign the module by following these instructions](/Signing-douane-dkms-module)
|
|
|
* or go into the UEFI menu and disable Secure Boot.
|
|
|
|
|
|
## The daemon
|
|
|
|
|
|
Next you need the daemon:
|
|
|
|
|
|
cd ~/Douane
|
|
|
git clone --recursive https://gitlab.com/douaneapp/douane-daemon.git
|
|
|
cd douane-daemon
|
|
|
make
|
|
|
sudo make install
|
|
|
|
|
|
## The dialog process
|
|
|
|
|
|
As I'm a GNOME fan, I'm developing GNOME applications. So the official dialog window (screenshots shown on the [Douaneapp.com](http://douaneapp.com) website and [the GitLab main repository](https://gitlab.com/douaneapp/Douane)) is a GTK process.
|
|
|
|
|
|
cd ~/Douane
|
|
|
git clone --recursive https://gitlab.com/douaneapp/douane-dialog.git
|
|
|
cd douane-dialog
|
|
|
make
|
|
|
sudo make install
|
|
|
|
|
|
Now you need to start it:
|
|
|
|
|
|
/opt/douane/bin/douane-dialog &
|
|
|
|
|
|
And you should probably see it quit immediately.
|
|
|
|
|
|
## The configurator
|
|
|
|
|
|
Finally, in order to start/stop the firewall, and manage the rules, you'll need the configurator.
|
|
|
|
|
|
**Please note that you must run the setup.py install with python 3.**
|
|
|
|
|
|
cd ~/Douane
|
|
|
git clone https://gitlab.com/douaneapp/douane-configurator.git
|
|
|
cd douane-configurator
|
|
|
sudo python3 setup.py install
|
|
|
|
|
|
Now you should got a Douane application in your applications.
|
|
|
|
|
|
## Starting the Douane
|
|
|
|
|
|
Now you need to start it:
|
|
|
|
|
|
systemctl daemon-reload
|
|
|
sudo service douane start
|
|
|
|
|
|
From this point on, all your applications are blocked from using the network.
|
|
|
You can already see the daemon activities from the Douane log file:
|
|
|
|
|
|
tail -f /var/log/douane.log
|
|
|
|
|
|
## Debugging
|
|
|
|
|
|
In the case you're facing issues, have a look at [the Debugging Wiki page](/Debugging). |
|
|
\ No newline at end of file |