I don't think you can; you won't get even close, I think. The problem is that a firewall/connection monitor requires intervention at a very low level in the network code. Java, by default, is a very high-level language and runs inside a JVM, a shielded environment. You might get around some limitations by using native code, but I don't believe a pure Java firewall can be done; it will not be efficient, nor will it have full network support.
Actually there are many firewall builders for Linux that are written in Java. However, these builders are only GUIs and they create only firewall rules. After the rules are created, a firewall manipulation program (like ipfwadm, ipchains, ...) is called. This is the most common way.
You may also create a native library that directly calls the TCP stack's packet-filter methods.
The third way is, if you have a Java OS and the TCP/IP stack is written in Java (I've seen a PPP Java stack), you can call the Java API to manipulate filters.
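The first of the three designs above (a Java front end that only builds rules and then calls the native firewall tool) is easy to get wrong at the hand-over to the external program. The following is an added example, not code from any of the posters or from a real rule builder: a small Java rule model that validates every field before rendering it, and passes the result to ProcessBuilder as an argument vector so that no shell ever parses the strings. It assumes iptables syntax (the successor of the ipchains tool named in the post) and Java 16 or later for records; the sample rules are constructed.

```java
import java.util.List;
import java.util.regex.Pattern;

/** Constructed example: a rule builder that renders validated packet-filter rules
 *  and hands them to an external firewall tool (the "GUI + native tool" design).
 *  iptables syntax is assumed here as the modern counterpart of ipchains. */
public class RuleBuilder {

    public enum Action { ACCEPT, DROP }

    /** One inbound rule. The constructor rejects anything that is not a plain protocol
     *  name, an IPv4 address/CIDR and a port, so a form field can never smuggle extra
     *  options into the command line that is handed to the native tool. */
    public record Rule(String proto, String sourceCidr, int dport, Action action) {
        private static final Pattern CIDR = Pattern.compile(
            "^(25[0-5]|2[0-4]\\d|1?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|1?\\d?\\d)){3}(/([0-9]|[12]\\d|3[0-2]))?$");

        public Rule {
            if (!proto.equals("tcp") && !proto.equals("udp"))
                throw new IllegalArgumentException("protocol must be tcp or udp: " + proto);
            if (!CIDR.matcher(sourceCidr).matches())
                throw new IllegalArgumentException("not an IPv4 address or CIDR: " + sourceCidr);
            if (dport < 1 || dport > 65535)
                throw new IllegalArgumentException("port out of range: " + dport);
        }
    }

    /** Renders a rule as an argument vector. The list goes to ProcessBuilder directly,
     *  so each element is one argument and no shell metacharacter is ever interpreted. */
    static List<String> toArgv(Rule r) {
        return List.of("iptables", "-A", "INPUT", "-p", r.proto(), "-s", r.sourceCidr(),
                       "--dport", Integer.toString(r.dport()), "-j", r.action().name());
    }

    /** Applies the rules in order; with dryRun the commands are only printed.
     *  Returns the first non-zero exit status of the external tool, or 0. */
    static int apply(List<Rule> rules, boolean dryRun) throws Exception {
        for (Rule r : rules) {
            List<String> argv = toArgv(r);
            if (dryRun) {
                System.out.println(String.join(" ", argv));
                continue;
            }
            int rc = new ProcessBuilder(argv).inheritIO().start().waitFor();
            if (rc != 0) return rc;
        }
        return 0;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample rule set: an admin subnet may reach SSH, everyone may reach HTTP,
        // all other SSH is dropped. Rules are applied only when run with --apply (as root).
        List<Rule> rules = List.of(
            new Rule("tcp", "192.0.2.0/24", 22, Action.ACCEPT),
            new Rule("tcp", "0.0.0.0/0", 80, Action.ACCEPT),
            new Rule("tcp", "0.0.0.0/0", 22, Action.DROP));
        boolean dryRun = !(args.length > 0 && args[0].equals("--apply"));
        System.out.println("exit status: " + apply(rules, dryRun));

        // A hostile form value is rejected at construction time and never reaches the tool.
        try {
            new Rule("tcp", "10.0.0.1 -j ACCEPT", 22, Action.DROP);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Without the `--apply` flag the class only prints the commands it would run, which is the safe default for a builder that a GUI drives. The validation is deliberately stricter than what iptables itself accepts: the program should decide what a rule may contain, not the tool's option parser.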
Hi usama_ra,
Please go through it, so that you will get a brief idea about the firewall.
Applets are subject to heavy security constraints when executing under the control of a browser. Applets are unable to access the local file-system, to bind to local ports, or to connect to a computer via sockets other than the computer from which the applet is loaded. While it may seem to be an annoyance for developers, there are many good reasons why such tight constraints are placed on applets.
Applets could bind to well known ports, and service network clients without authorization or consent. Applets executing within firewalls could obtain privileged information, and then send it across the network. Applets could even be infected by viruses, such as the Java StrangeBrew strain. Applets might become infected without an applet author's knowledge and then send information back that might leave hosts vulnerable to attack.
Signed applets may be allowed greater freedom by browsers than unsigned applets, which could be an option. In cases where an applet must be capable of network communication, HTTP can be used as a communication mechanism. An applet could communicate via java.net.URLConnection with a CGI script, or a Java servlet. This has an added advantage: applets that use the URLConnection will be able to communicate through a firewall.
Also please refer to this URL, which has good information.
http://www.securingjava.com/chapter-five/chapter-five-5.html
I hope this will help you.
Thanks
Bakrudeen
Technical Support Engineer
Sun MicroSystems Inc, India
Well, the only possibility I see would be to listen on all ports, which would be terrible resource usage, but that is how a pure Java FW could work, BUT it would still be dependent on the underlying TCP/IP stack, giving you no full security (as e.g. the TCP/IP stack of Win has enough bugs useful for an attacker to crack inside).
However, I have seen Java implementations of proxies, so a native low-level firewall and a Java proxy for specific services (e.g. HTTP, where your proxy can log the URLs or log headers ...) would be possible and more realistic than a pure Java firewall.
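The split the previous post suggests (a native packet filter underneath, a Java proxy for one application protocol on top) is what a Java program can actually do well: it sees the URL and the headers that a packet filter never sees. The following is an added example and not the poster's code: a minimal application-layer HTTP proxy that logs each request line and its headers, forwards only GET and HEAD requests to hosts on an allow-list, and answers everything else with an HTTP error. The allow-list, the listening port 8080 and the loopback-only bind are assumptions; it needs Java 11 or later.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Set;

/** Constructed example: a minimal application-layer HTTP proxy. It logs every request
 *  line and header, forwards only GET/HEAD to allow-listed hosts, and refuses the rest. */
public class LoggingHttpProxy {
    private final Set<String> allowedHosts;   // lower-case host names the proxy may reach

    LoggingHttpProxy(Set<String> allowedHosts) { this.allowedHosts = allowedHosts; }

    /** Parses "GET http://host:port/path HTTP/1.1" into {method, host, port}. */
    static String[] parseRequestLine(String line) throws URISyntaxException {
        String[] parts = line.split(" ");
        if (parts.length != 3) throw new URISyntaxException(line, "malformed request line");
        URI uri = new URI(parts[1]);
        if (!"http".equalsIgnoreCase(uri.getScheme()) || uri.getHost() == null)
            throw new URISyntaxException(line, "absolute http:// URI required");
        int port = uri.getPort() == -1 ? 80 : uri.getPort();
        return new String[] { parts[0], uri.getHost().toLowerCase(Locale.ROOT), Integer.toString(port) };
    }

    /** Accepts clients on the loopback interface only; one thread per connection. */
    void serve(int listenPort) throws IOException {
        try (ServerSocket server = new ServerSocket(listenPort, 50, InetAddress.getLoopbackAddress())) {
            System.out.println("proxy listening on " + server.getLocalSocketAddress());
            while (true) {
                Socket client = server.accept();
                new Thread(() -> handle(client)).start();
            }
        }
    }

    void handle(Socket client) {
        try (client) {
            BufferedReader in = new BufferedReader(
                new InputStreamReader(client.getInputStream(), StandardCharsets.ISO_8859_1));
            String requestLine = in.readLine();
            if (requestLine == null) return;
            List<String> headers = new ArrayList<>();
            for (String h = in.readLine(); h != null && !h.isEmpty(); h = in.readLine()) headers.add(h);

            // The application-layer view a packet filter never gets: the URL and the headers.
            System.out.println(client.getRemoteSocketAddress() + " " + requestLine);
            for (String h : headers) System.out.println("    " + h);

            String[] target;
            try {
                target = parseRequestLine(requestLine);
            } catch (URISyntaxException e) {
                reply(client, "400 Bad Request");
                return;
            }
            if (!target[0].equals("GET") && !target[0].equals("HEAD")) {  // no bodies, no CONNECT tunnels
                reply(client, "405 Method Not Allowed");
                return;
            }
            if (!allowedHosts.contains(target[1])) {
                reply(client, "403 Forbidden");
                return;
            }
            try (Socket upstream = new Socket(target[1], Integer.parseInt(target[2]))) {
                Writer w = new OutputStreamWriter(upstream.getOutputStream(), StandardCharsets.ISO_8859_1);
                w.write(requestLine + "\r\n");
                for (String h : headers) {
                    // Drop hop-by-hop connection headers; both sides are closed after one exchange.
                    if (h.regionMatches(true, 0, "Connection:", 0, 11)
                            || h.regionMatches(true, 0, "Proxy-Connection:", 0, 17)) continue;
                    w.write(h + "\r\n");
                }
                w.write("Connection: close\r\n\r\n");
                w.flush();
                upstream.getInputStream().transferTo(client.getOutputStream());  // stream the response back
            }
        } catch (IOException e) {
            System.err.println("connection error: " + e.getMessage());
        }
    }

    /** Sends a short plain-text error response and lets the caller close the socket. */
    static void reply(Socket client, String status) throws IOException {
        byte[] body = (status + "\r\n").getBytes(StandardCharsets.ISO_8859_1);
        OutputStream out = client.getOutputStream();
        out.write(("HTTP/1.1 " + status + "\r\nContent-Type: text/plain\r\nContent-Length: "
                + body.length + "\r\nConnection: close\r\n\r\n").getBytes(StandardCharsets.ISO_8859_1));
        out.write(body);
        out.flush();
    }

    public static void main(String[] args) throws IOException {
        // Assumed allow-list and port; point a browser's HTTP proxy setting at 127.0.0.1:8080.
        new LoggingHttpProxy(Set.of("example.com", "www.example.com")).serve(8080);
    }
}
```

Because the proxy binds to the loopback address, only local programs can use it; what it enforces is which destinations those programs may reach over plain HTTP. Refusing CONNECT means it does not tunnel TLS at all, which keeps the example honest about what a logging proxy can inspect.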
Hi Bakrudeen, shadowcat45:
Thank you for your replies; you helped me so much.
And I just want to tell you what I need to do and how I think I will do it.
* First, I have won a free scholarship to study Java and I will enter the SCJP in 2 weeks. After that I hope to make my graduate project "a Firewall in pure Java."
* I think I will make my firewall operate on the Application Layer, not on the Network Layer.
* What I need to know is what ways I can use to read IP packets and to communicate with the TCP/IP stack.
thanks
* And about listening to all ports, there is a class "SocketPermission" which can be used to listen to all ports!!! I don't know if this is a right choice or not...
thanks
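On the SocketPermission question raised in the post above: java.net.SocketPermission is a description of network access that a policy grants (a host, a port range and actions such as "listen", "accept" or "connect"), which the security manager compares against what code is about to do; it does not itself listen on any port. The following added example, not from any poster, shows that comparison directly through `implies()`, using IP literals so that no DNS lookup is involved. The grants shown are constructed. Note that the SecurityManager that enforces such grants has been deprecated for removal since Java 17, so this illustrates the permission semantics only.

```java
import java.net.SocketPermission;

/** Constructed example: SocketPermission names granted network access; the check that
 *  a policy grant covers a concrete request is Permission.implies(). */
public class SocketPermissionDemo {

    /** True if a grant for grantTarget/grantActions covers a request for reqTarget/reqActions. */
    static boolean covers(String grantTarget, String grantActions, String reqTarget, String reqActions) {
        return new SocketPermission(grantTarget, grantActions)
                   .implies(new SocketPermission(reqTarget, reqActions));
    }

    public static void main(String[] args) {
        // A grant that would appear in a policy file as
        //   permission java.net.SocketPermission "127.0.0.1:1024-", "listen";
        // "1024-" means ports 1024 through 65535.
        System.out.println(covers("127.0.0.1:1024-", "listen", "127.0.0.1:8080", "listen"));  // true
        System.out.println(covers("127.0.0.1:1024-", "listen", "127.0.0.1:80", "listen"));    // false: port outside range
        System.out.println(covers("127.0.0.1:1024-", "listen", "127.0.0.1:8080", "connect")); // false: action not granted

        // "*" is the any-host wildcard, so this is the broadest listen grant possible.
        System.out.println(covers("*:1-65535", "listen", "127.0.0.1:8080", "listen"));         // true
        // A connect grant, however wide, never implies a listen request.
        System.out.println(covers("*", "connect", "127.0.0.1:8080", "listen"));                // false
    }
}
```

The practical consequence for an applet or any sandboxed Java code is the opposite of what the post hopes for: without a grant that implies the needed SocketPermission, a ServerSocket constructor throws a SecurityException; the class restricts binding rather than providing it.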