Go • Linux Networking • Docker • nftables

Enclave Firewall Manager

A Go-based firewall management tool that syncs rules from an endpoint, applies them to nftables, and validates ingress and egress behavior through a containerized test environment.

GitHub

Project Overview

This project centers on building a command-line tool for loading firewall rules from a remote endpoint and applying them locally through nftables. It demonstrates lower-level systems work, containerized debugging, and practical validation of network-policy behavior.

Key Responsibilities

Implemented sync and status command flows for firewall rule management.
Used Go to interact with rule configuration and local nftables behavior.
Set up a Docker Compose environment to simulate traffic between containers.
Validated blocked and allowed network flows using netcat-based testing.

Technical Highlights

Rule Synchronization

Pulls firewall definitions from a JSON endpoint and applies them locally.

nftables Integration

Works directly with Linux firewall rules instead of abstracting the system away.

Containerized Testing

Uses multiple containers to simulate cross-container traffic and validate policies.

Status Reporting

Surfaces human-readable status output for currently applied firewall rules.