Last updated 07/30/2001 5:39 pm

What is GateKeeper?

 

GateKeeper is a screening router.

It runs on Linux kernel 2.2 with ipchains. The GateKeeper firewall is built from numerous packet filtering rules described in "Linux Firewalls" by R. L. Ziegler, and it prevents undesirable access from both outside and inside your network.

GateKeeper is small.

The whole system fits on a single 1.44MB floppy disk. To create a single boot/root disk for this purpose, I employed BusyBox. BusyBox is a collection of base tools and it is quite small (although over one hundred tools are included, its total size is only 200KB! Can you believe it?).

GateKeeper can be easily configured.

GateKeeper startup files are saved on an MS-DOS formatted disk using syslinux. Its configuration file is also stored on the FAT filesystem, so it can be easily edited on Windows or Macintosh, most users' workbench.

GateKeeper is maintained by Wataru Nishida.

GateKeeper is free software.

It is licensed under the GNU GENERAL PUBLIC LICENSE.

 

Background

 

First, I started to make a simple boot/root disk in order to understand the Linux boot sequence, referring to "The Linux Bootdisk HOWTO". After so much "trial and error", I succeeded in creating "my own" boot/root disk. But ..., that's all.

In addition, I found that the standard GNU tools are so huge and are "disk space eaters". Their source listings are also redundant and quite difficult to read for novices, including me.

Thereafter, I encountered BusyBox, maintained by Erik Andersen.

BusyBox is a collection of essential UNIX tools, and it is very small.

BusyBox is coded concisely and clearly enough to be understood.

Let's compare the size of "cat.c" from GNU textutils and BusyBox.

GNU          843 lines    20820 bytes
BusyBox       73 lines     1653 bytes

As you can see, the size of "BusyBox cat" is less than one tenth that of the GNU version! You can read the source within 3 minutes.

Then, I realized that UNIX is so simple and so easy! BusyBox was originally developed for embedded systems, but I believe it would also be nice educational material for understanding the UNIX system.

Finally, I decided to make a useful system using the Linux kernel and BusyBox. GateKeeper is the result.

 

Specifications

 

The entire system is included on a single floppy disk (MS-DOS format).

System boot up: syslinux and initial RAM disk (initrd)

Configuration: A single text file, which is easily modified on Windows or Macintosh.

Kernel: Linux 2.2.16

Binary tools: Most of them were taken from BusyBox 0.46.

Network setup: ip from the iproute2 package (I'm now coding an original tool, named ipconfig, as a BusyBox add-on.)

Firewall setup: ipchains

 

References

 

The Linux Bootdisk HOWTO by Tom Fawcett

Everything you need is written in this document. Thanks Tom!

Linux Firewalls by Robert L. Ziegler

This is currently the only and best book for studying packet filtering on a Linux box.

 

Thanks for visiting.

Wataru Nishida, M.D., Ph.D.