The Plan

Part I: Using Debian's Live-Build Online Image Builder

Share a recipe for building a filtering bridge firewall using Corey's script generator on a Debian Live system. Our example will run the entire system on a USB flash drive, from a disk image made with Debian's Live-Build online image builder. 

Automate the configuration of networking files and services like time, mail, and log monitoring.  Go through the rest of the uw-setup script to incorporate anything which is still pertinent and useful to our new platform.

Part II: Using Debian's Live-Build on a Local System

Offer a similar recipe for building an image locally – on your own system. We are currently testing a build system and procedure using a local Debian install as the build environment. Live-Build allows you to build everything into your USB or CD image without the need for a persistent partition, if you want that.

Part III: Updating the NDC LFW Rule Generator for Modern Systems

A more thorough update of the NDC LFW script generator. We hope to get help from the UW TechSupport community and UWIT for that. Hopefully it can be modified to generate scripts which will work well with both Gibraltar and Debian Live (and other modern systems).

Part IV: Making a CLI version of the NDC LFW Rule Generator

A command-line interface (CLI) version will allow us to run the generator from within the GnarWall system.  This will make it more convenient for users to modify their rules without going back to the web-based rule generator, or having to hand-hack their scripts.  It will also mean that a user could initially create their scripts without having to use the web-based generator at all, if that was their preference.

Part V: Packaging the NDC LFW Rule Generator for Debian Systems

Once we have the CLI version, then we can package GnarWall for easy installation.  As the Debian Live Build system can include whichever packages we want, it is only natural to include our work this way.  We can take advantage of the standard package configuration tools to configure GnarWall firewalls from within the live system.