npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

ghost_firewall

v1.0.1

Published

A powerful and advanced firewall npm package with many advanced features.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

mohdrashmohdrash

Keywords

firewallsecuritynetworknpmpackage

Readme

GhostFirewall: The Advanced Node.js Firewall

GhostFirewall Logo

GhostFirewall is a cutting-edge, highly customizable firewall solution implemented as an npm package for Node.js applications. Designed with extensibility and performance in mind, it provides robust protection against various network threats, offering both traditional packet filtering and advanced, intelligent security features.

Features

GhostFirewall goes beyond basic packet filtering, incorporating a suite of advanced features to provide comprehensive security:

  • Rule-Based Packet Filtering: Define custom rules based on IP addresses (source/destination), ports, protocols (TCP, UDP, ICMP), and more.
  • Deep Packet Inspection (DPI): Inspect packet payloads for specific content patterns, enabling detection of known attack signatures (e.g., SQL injection attempts, XSS payloads).
  • Stateful Packet Inspection (SPI): Intelligently track the state of network connections to allow legitimate traffic and block unauthorized packets that don't conform to established sessions.
  • AI/ML-Driven Threat Detection (Planned): Leverage machine learning models to identify anomalous behavior, zero-day exploits, and sophisticated attacks in real-time.
  • Threat Intelligence Integration (Planned): Integrate with external threat intelligence feeds to automatically block traffic from known malicious IPs, domains, and botnets.
  • Honeypot Functionality (Planned): Deploy decoy systems or services to attract and trap attackers, gathering intelligence on their tactics without compromising your main systems.
  • Real-time Monitoring & Logging: Comprehensive logging of all network events, providing insights into traffic patterns, blocked threats, and potential security incidents.
  • Flexible Rule Management: Easily add, remove, and list firewall rules programmatically.
  • High Performance: Optimized for speed to ensure minimal impact on application performance.

Installation

To install GhostFirewall in your Node.js project, use npm or yarn:

npm install ghost_firewall
# or
yarn add ghost_firewall

Usage

Here's a basic example of how to use GhostFirewall in your application:

const GhostFirewall = require('ghost_firewall');

const firewall = new GhostFirewall();

// Add some rules
firewall.addRule({
  name: 'block_malicious_ip',
  type: 'ip',
  action: 'block',
  source: '192.168.1.100' // Example malicious IP
});

firewall.addRule({
  name: 'allow_http_traffic',
  type: 'port',
  action: 'allow',
  port: 80,
  protocol: 'TCP'
});

firewall.addRule({
  name: 'monitor_sensitive_content',
  type: 'content',
  action: 'monitor',
  contentPattern: 'credit_card_number|social_security_number' // Example pattern for sensitive data
});

firewall.addRule({
  name: 'block_ssh_from_any',
  type: 'port',
  action: 'block',
  port: 22,
  protocol: 'TCP'
});

// List all rules
firewall.listRules();

// Simulate incoming packets and evaluate them
console.log('\n--- Evaluating Packets ---');

const packet1 = { sourceIp: '192.168.1.100', destinationIp: '192.168.1.1', port: 80, protocol: 'TCP', content: 'GET /index.html HTTP/1.1' };
console.log(`Packet 1 (from ${packet1.sourceIp}): ${firewall.evaluatePacket(packet1)}`);

const packet2 = { sourceIp: '192.168.1.5', destinationIp: '192.168.1.1', port: 80, protocol: 'TCP', content: 'GET /data.json HTTP/1.1' };
console.log(`Packet 2 (from ${packet2.sourceIp}): ${firewall.evaluatePacket(packet2)}`);

const packet3 = { sourceIp: '192.168.1.20', destinationIp: '192.168.1.1', port: 22, protocol: 'TCP' };
console.log(`Packet 3 (from ${packet3.sourceIp}): ${firewall.evaluatePacket(packet3)}`);

const packet4 = { sourceIp: '192.168.1.5', destinationIp: '192.168.1.1', port: 443, protocol: 'TCP', content: 'Sensitive data: credit_card_number=1234-5678-9012-3456' };
console.log(`Packet 4 (from ${packet4.sourceIp}): ${firewall.evaluatePacket(packet4)}`);

// Remove a rule
firewall.removeRule('block_malicious_ip');
firewall.listRules();

// Demonstrate advanced features (placeholders)
firewall.isStatefulConnection(packet2);
firewall.detectThreat(packet1);
firewall.detectAttackSignature(packet4);
firewall.checkThreatIntelligence('8.8.8.8');
firewall.setupHoneypot(8080);
firewall.startMonitoring();

API Reference

new GhostFirewall()

Creates a new instance of the GhostFirewall.

firewall.addRule(rule)

Adds a new rule to the firewall.

  • rule (Object): The rule object with the following properties:
    • name (String, required): A unique name for the rule.
    • type (String, required): Type of the rule. Supported types: 'ip', 'port', 'protocol', 'content'.
    • action (String, required): Action to take when the rule matches. Supported actions: 'allow', 'block', 'monitor'.
    • source (String, optional): Source IP address or CIDR range (e.g., '192.168.1.1', '10.0.0.0/8').
    • destination (String, optional): Destination IP address or CIDR range.
    • port (Number, optional): Port number.
    • protocol (String, optional): Protocol (e.g., 'TCP', 'UDP', 'ICMP'). Case-insensitive.
    • contentPattern (String, optional): Regular expression string for deep packet inspection.

Returns true if the rule was added successfully, false otherwise.

firewall.removeRule(ruleName)

Removes a rule by its name.

  • ruleName (String, required): The name of the rule to remove.

Returns true if the rule was removed, false otherwise.

firewall.evaluatePacket(packet)

Evaluates a network packet against the configured firewall rules.

  • packet (Object): The packet object with the following properties:
    • sourceIp (String, required)
    • destinationIp (String, required)
    • port (Number, required)
    • protocol (String, required)
    • content (String, optional): The payload content for DPI.

Returns String: The action taken ('allow', 'block', 'monitor') based on the matching rule. Defaults to 'allow' if no rule matches.

firewall.listRules()

Lists all currently configured firewall rules.

Returns Array<Object>: An array of rule objects.

Advanced Features (Placeholders for Future Development)

These methods represent planned advanced functionalities and are currently placeholders. Their full implementation would involve complex network interactions, AI/ML integrations, and external API calls.

  • firewall.isStatefulConnection(packet): Checks if a packet belongs to an established connection.
  • firewall.detectThreat(packet): Applies AI/ML to detect threats.
  • firewall.detectAttackSignature(packet): Performs DPI for known attack signatures.
  • firewall.checkThreatIntelligence(ipAddress): Queries external threat intelligence.
  • firewall.setupHoneypot(port): Configures a honeypot.
  • firewall.startMonitoring(): Initiates real-time traffic monitoring.

Contributing

We welcome contributions to GhostFirewall! Please feel free to submit issues or pull requests.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Note: This is a conceptual implementation for demonstration purposes. A production-grade firewall would require deep integration with operating system network stacks, advanced packet parsing, and robust error handling.