Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Current implementation links to kdelibs4

Currently there's no GUI-way of configuring the firewall (ufw) in Plasma. ufw-kde which was the only way to do it was never ported to Qt5 and KF5 and it doesn't work in Plasma 5. The only other standalone GUI option is Gufw which is a GTK frontend for ufw.

Nomad Firewall — Overview

• Dashboard/Overview; show the user can see the status and activity of the firewall.
• Firewall modes; Off: All connections are allowed; Custom: All connections are controlled by the user's rules; High: All connections are blocked. Default would be Custom.
• Display incoming and outgoing connections.
• Display processes (with full paths) and their network usage using a progress bar.
• Automatically add binaries and allow the user to add custom binaries to the list of monitored processes.

Nomad Firewall — Firewall

• Enable or disable the firewall.
• Checkboxes on the top row are applied to all applications. Checkboxes inside the list are applied individually. If a a checkbox on the top row is active the checkboxes on the list are automatically disabled and viceversa as they would be overriding each other. In order for the checkboxes on the top row and inside the list to become active the firewall must be enabled first.
• Search field to look for applications if needed.
• Combobox to sort application based on: Name, User, Interface, Allowed or Blocked.

Nomad Firewall — Rules

• Add, Edit and Remove rules.
• Add Rules > Simple/Advanced; Policy, Direction, Port, Protocol, Logging.
• Modules.

Nomad Firewall — Toolbar

• 1: Overview
• 2: Firewall
• 3: Rules
• 4: Export Rules
• 5: Import Rules
• 6: Manage Profiles
• 7: View Firewall Log
• 8: Configuration

The original UFW-KDE had a "simple" mode (which was the default) and an "advanced" mode (easily enabled through a dropdown at the top). In the "simple" mode, only the destination port (for an incoming rule) was shown (with the possibility to pick an application profile instead of a port number, see also #15), all the other settings (source address, source port, destination address) were hidden and set to "any". In the "advanced" mode, everything was shown. Nomad Firewall currently only has the equivalent of the "advanced" mode.

The rationale there is (and I tend to agree with whomever came up with that design) that an inexperienced user will not know that the destination port is the only setting that really matters in nearly all cases and what to do with the other settings. The "simple" mode allows such users to just open up a port (or ideally an application profile, see #15) without knowing the technical details. And if you need to set everything, you can quickly switch to "advanced" mode.

I think Nomad Firewall would greatly benefit from having such a "simple" mode, or something equivalent (could also be, e.g., a separate "Add simple rule" or "Quickly add rule" button), available as well.

Of course, if you are editing a rule that uses advanced settings, it should automatically come up in "advanced" mode so that the non-default settings are clearly visible.

Somewhat related to this, the defaults when creating a new rule should probably be Incoming and Allow, at least if the firewall is set to default deny.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Python 2 is being deprecated in Ubuntu Cosmic (18.10) onwards and most likely from every other distribution too.

UFW back-end contains a lot of legacy code from the former Kufw which currently is buggy and hard to maintain.

We will change to a more simpler approach in order to ease future maintenance without losing functionalities.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

In order to make firewall setup dead easy for users with basic IT knowledge it's proposed a "Three Steeps Firewall" management tool. By "users with basic IT knowledge" we refer to people that have any knowledge of operative systems administration, software development or IT security. By example an accountant or a doctor. They only require to keep their data and system safe. As firewalls add layer of security to their systems its recommended to have it (citation required).

Therefore with the nomad-firewall we purpose the following profiles are purposed:

• Permissive (Allow every connection. To be used in safe environments)
• Stealth (Don't allow incoming connection. To be used in unsafe environments)
• Paranoid (Only allow outgoing http/https connections. To be used in case of suspicious of being under attack or that the system was infected by a malware)

Also will be provided a way of adding extra rules that will be set alongside with the selected profile. To achieve a more granular configuration.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Could you please add a INSTALL file. I'm having a problem running it on Arch Linux and not sure what the Problem is

[....typing]

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

I do not see the Spanish translate...
I can aport the spanish translate.
Regards

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

I don't see anything Nomad log section but everytime I check dmesg I notice UFW has blocked A LOT of stuff...this is on arch (stable) and chakraOS (testing)

output of: "kcmshell5 org_nxos_firewall":

kcmshell5 org_nxos_firewall
Icon theme "elementary" not found.
Icon theme "gnome" not found.
org.kde.kcoreaddons: Error loading plugin "org.nxos.firewall" "The shared library was not found." 
Plugin search paths are ("/usr/lib/qt/plugins", "/usr/bin") 
The environment variable QT_PLUGIN_PATH might be not correctly set
WARNING: Cannot find style "org.kde.desktop" - fallback: "/usr/lib/qt/qml/QtQuick/Controls/Styles/Desktop"
file:///usr/lib/qt/qml/QtQuick/Controls/Styles/Base/ButtonStyle.qml:153:31: QML Item: Binding loop detected for property "implicitWidth"
Debug message from helper: run NETSTAT_BINARY_PATH-NOTFOUND ("-ntuap")
Warning from helper: netstat command exit with code:  255
BACKEND ERROR:  255 ""
Debug message from helper: query
Debug message from helper: run ("--status", "--defaults", "--list", "--modules")
file:///usr/lib/qt/qml/QtQuick/Controls/Button.qml:99: TypeError: Cannot read property 'width' of null
file:///usr/lib/qt/qml/QtQuick/Controls/Button.qml:99: TypeError: Cannot read property 'width' of null
file:///usr/lib/qt/qml/QtQuick/Controls/Button.qml:99: TypeError: Cannot read property 'width' of null
file:///usr/lib/qt/qml/QtQuick/Controls/Button.qml:99: TypeError: Cannot read property 'width' of null
Debug message from helper: viewlog
""
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:362: TypeError: Cannot read property 'padding' of null
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:363: TypeError: Cannot read property 'padding' of null
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:364: TypeError: Cannot read property 'padding' of null
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:365: TypeError: Cannot read property 'padding' of null
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:362: TypeError: Cannot read property 'padding' of null
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:363: TypeError: Cannot read property 'padding' of null
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:364: TypeError: Cannot read property 'padding' of null
file:///usr/lib/qt/qml/QtQuick/Controls/ScrollView.qml:365: TypeError: Cannot read property 'padding' of null
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: viewlog
""
Debug message from helper: run NETSTAT_BINARY_PATH-NOTFOUND ("-ntuap")
Warning from helper: netstat command exit with code:  255
BACKEND ERROR:  255 ""
Debug message from helper: viewlog
""

• Review helpers behavior
• Unify lists look and fell
• Use the "Stack" item to show the roles details/edit view

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Hello! What I must to do, so that work in Debian? I clone github, use instruction from that site https://www.reddit.com/r/kdeneon/comments/a1tl0y/using_nomad_firewall_ui_on_kde_neon/ but when I add this command " cmake -DCMAKE_INSTALL_PREFIX=kde4-config --prefix -DCMAKE_BUILD_TYPE=Release -DLIB_INSTALL_DIR=lib -DKDE_INSTALL_USE_QT_SYS_PATHS=ON ../`make" nothing is going on.
Thank you very much for the response.

Functionalities

• Toggle firewall status
• Define default incoming/outgoing policies
• Create/Modify/Remove/Sort Rules

The user interface is blank. "NX Firewall - Secure your workstation!" is at the top and help, reset, etc. is at the bottom. Nothing is in between. Just installed on Kubuntu 18.04. No problem compiling and installing. Used Master branch.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

• Watch processes open ports
• Generate rules from the processes open ports view

• Display firewall logs
• Generate rule from logs

I could not find anywhere in the UI to pick one of the application profiles known to UFW and open the ports for it. Instead, you have to know the port number(s) to create a rule. This makes the application impractical to use.