Saturday, January 13, 2018

ipwaiter

I made a thing.

The ipwaiter is a script which is meant to help client machines (not really for servers, but it can work) handle the accepting and blocking of packets on specific ports.

ipwaiter is like an extremely simplified firewalld, if firewalld was written by a single person in a couple of hours using only shell script with the only goal of serving the author's specific use cases. Yeah.

ipwaiter handles the firewall as if it were a collection of services - or in keeping with our restaurant related theme - orders. Orders are simple configuration files that use iptables syntax - but do not include the chain name - and can do anything that iptables can do. The difference is that these orders are injected into three special chains - input_orders, forward_orders, and output_orders. The ipwaiter can dynamically add and remove orders from these chains, meaning that you can - for example - only support SSH connections when you are ready to launch an SSH server, or only accept KDEConnect connections when you are on specific wifi networks.

Of course, since the tool is currently extremely KISS, you would have to script many of these situations on your own. But please, feel free to contribute new orders if you think they are neat or helpful for a client machine.

The tool is very hands-off: it will not add these new order chains to your iptables rules anywhere, and you are welcome to incorporate them wherever you want in your packet rules. The only caveat is that the ipwaiter expects exclusive control over these order chains, and will not hesitate to completely remove all rules in them when told to.
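How an order maps onto the order chains, and how the chains could be hooked into the built-in ones, as an added dry-run sketch that is not ipwaiter's own code. The order layout (a direction keyword followed by iptables arguments), the function names and the sample SSH order are assumptions made for this example; the script only prints iptables commands and does not touch the firewall.

```shell
#!/bin/sh
# Added illustration, not ipwaiter's code. Assumed order layout:
#   <input|forward|output> <iptables rule arguments, no chain name>

# Constructed sample order: inbound SSH plus the matching replies.
sample_order() {
  cat <<'EOF'
# ssh order (constructed for this example)
input -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
output -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
EOF
}

# render_order <A|D>: read an order on stdin and print the iptables
# commands that would append (A) or delete (D) its rules.
render_order() {
  action="$1"
  while read -r direction rule; do
    case "$direction" in
      ''|'#'*) continue ;;                 # skip blank lines and comments
      input|forward|output) ;;
      *) echo "unknown direction: $direction" >&2; return 1 ;;
    esac
    # The order never names a chain; the direction alone selects it.
    printf 'iptables -%s %s_orders %s\n' "$action" "$direction" "$rule"
  done
}

# render_hooks: the one-time wiring left to the administrator, creating
# each order chain and jumping to it from the matching built-in chain.
render_hooks() {
  for direction in input forward output; do
    parent=$(printf '%s' "$direction" | tr 'a-z' 'A-Z')
    printf 'iptables -N %s_orders\n' "$direction"
    printf 'iptables -A %s -j %s_orders\n' "$parent" "$direction"
  done
}

# Dry run: show the wiring, then serving and clearing the sample order.
render_hooks
sample_order | render_order A
sample_order | render_order D
```

Where the jump to each order chain sits relative to your other rules decides whether an order can take effect at all: a DROP or REJECT rule placed ahead of the jump is evaluated first.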

For some inspiration, I currently use the script to open up input ports for Steam to host local games when I have a game client open, and then automatically close up these ports when the game closes. I launch the KDEConnect services only when I am connected to my home wifi, and remove the order once I leave or drop connection.

I think it's neat, and maybe you will too.
GitHub
AUR package

Send me an email at: pyam.soft@gmail.com
Or find me online at: https://pyamsoft.blogspot.com