A comprehensive, production-ready firewall solution for securing LLM interactions with dual-layer content filtering, AI-based guards, and enterprise licensing.
Documentation is organized by audience:

- For clients deploying the firewall: see `docs/client/`
- For vendors delivering to clients: see `docs/vendor/`
- For developers working on the codebase: see `docs/development/`
```
LoAFirewall/
├── src/                          # Core application code
│   ├── core/                     # Core firewall components
│   │   ├── firewall.py           # Main firewall orchestrator
│   │   ├── category_manager.py   # Category conflict resolution
│   │   └── config_manager.py     # Configuration management
│   ├── api/                      # API layer
│   │   ├── api.py                # Flask REST API
│   │   └── service.py            # Firewall service with licensing
│   ├── guards/                   # AI guard implementations
│   │   ├── base_guard.py         # Abstract base class
│   │   ├── llama_guard.py        # LLaMA Guard 3 implementation
│   │   └── granite_guard.py      # IBM Granite Guardian
│   ├── filters/                  # Filtering components
│   │   └── keyword_filter.py     # Keyword/regex filtering
│   └── licensing/                # License management
│       ├── license_manager.py    # License validation
│       └── generate_license.py   # License generation
├── config/                       # Configuration files
│   ├── config.json               # Main configuration
│   ├── config.py                 # Configuration constants
│   └── blacklists/               # Keyword blacklists
├── deployment/                   # Deployment files
│   ├── docker/                   # Docker configurations
│   ├── scripts/                  # Build and deployment scripts
│   └── client-packages/          # Pre-built client packages
├── docs/                         # Documentation
│   ├── client/                   # Client-facing documentation
│   ├── vendor/                   # Vendor/delivery documentation
│   └── development/              # Development documentation
├── examples/                     # Demos and examples
│   ├── demos/                    # Demo applications
│   └── client/                   # Client example code
├── tests/                        # Test files
├── logs/                         # Log files (created at runtime)
├── pyproject.toml                # Python project configuration
├── poetry.lock                   # Dependency lock file
└── run.py                        # Main entry point
```
The firewall uses a multi-layer approach:

- Keyword Filter: Fast regex-based detection for known patterns
- AI Guards: Multiple AI models for comprehensive content analysis
  - Primary Guard: Advanced content classification and threat detection
  - Secondary Guard: Additional safety validation and cross-verification
- Category Resolution: Intelligent conflict resolution and consensus building
- Licensing: Time-based license validation for commercial deployment
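The layered flow above can be sketched roughly as follows. This is an illustrative sketch only: the real orchestrator lives in `src/core/firewall.py`, and the names `keyword_filter`, `check`, and `GuardResult` here are ours, not the actual API.

```python
# Simplified sketch of the multi-layer pipeline (illustrative names,
# not the real src/core/firewall.py interface).
from dataclasses import dataclass

@dataclass
class GuardResult:
    guard_id: str
    status: str              # "safe" or "flagged"
    category: str = "safe"

def keyword_filter(text, blacklist):
    """Layer 1: fast keyword matching; may short-circuit the pipeline."""
    lowered = text.lower()
    return [word for word in blacklist if word in lowered]

def check(text, blacklist, guards):
    # Layer 1: keyword filter (short-circuits on a match)
    matches = keyword_filter(text, blacklist)
    if matches:
        return {"is_safe": False, "category": "policy_violation",
                "reason": f"keyword match: {matches[0]}"}
    # Layer 2: run each AI guard (stubbed here as plain callables)
    results = [guard(text) for guard in guards]
    flagged = [r for r in results if r.status == "flagged"]
    # Layer 3: category resolution / consensus building
    if flagged:
        return {"is_safe": False, "category": flagged[0].category,
                "reason": "guard flagged content",
                "consensus": len(flagged) == len(results)}
    return {"is_safe": True, "category": "safe", "consensus": True}

# Stub guards standing in for LLaMA Guard 3 / Granite Guardian
guard_1 = lambda t: (GuardResult("guard_1", "flagged", "harmful_content")
                     if "attack" in t else GuardResult("guard_1", "safe"))
guard_2 = lambda t: GuardResult("guard_2", "safe")

print(check("hello world", ["malware"], [guard_1, guard_2])["is_safe"])    # True
print(check("plan an attack", ["malware"], [guard_1, guard_2])["is_safe"])  # False
```

The key design point mirrored here is that the cheap keyword layer runs first and can short-circuit, so the expensive model calls only happen for text that passes it.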
```
# Install dependencies
poetry install

# Run with default configuration
python run.py

# Run with custom configuration
python run.py --config config/config.json --host 0.0.0.0 --port 5001
```

```
# Using Docker Compose (recommended)
cd deployment/docker
docker-compose up -d

# Using the service wrapper
python src/api/service.py
```

```
# Command-line demo
python examples/demos/demo.py

# Web interface demo
python examples/demos/web_demo.py
# Visit http://localhost:8080
```

```
# Basic API tests
python tests/test_keywords_api.py

# Firewall integration tests
python tests/firewall_test_cases.py
```

```
curl -X POST http://localhost:5001/check \
  -H "Content-Type: application/json" \
  -d '{"text": "Your content to analyze"}'
```

Safe Content Response:
```json
{
  "request_id": "abc-123-def",
  "is_safe": true,
  "category": "safe",
  "confidence": "high",
  "reason": "Content analysis completed successfully",
  "analysis": {
    "guards": [
      {"guard_id": "guard_1", "status": "safe", "confidence": "normal"},
      {"guard_id": "guard_2", "status": "safe", "confidence": "normal"}
    ],
    "keyword_filter": {
      "enabled": true,
      "status": "safe",
      "matches_found": 0
    },
    "consensus": true
  },
  "processing_time_ms": 245.67,
  "timestamp": 1673234567.123
}
```

Unsafe Content Response:
```json
{
  "request_id": "def-456-ghi",
  "is_safe": false,
  "category": "harmful_content",
  "confidence": "high",
  "reason": "Unsafe content detected",
  "analysis": {
    "guards": [
      {
        "guard_id": "guard_1",
        "status": "flagged",
        "confidence": "normal",
        "detection_type": "harmful_content"
      },
      {"guard_id": "guard_2", "status": "safe", "confidence": "normal"}
    ],
    "keyword_filter": {
      "enabled": true,
      "status": "safe",
      "matches_found": 0
    },
    "consensus": false
  },
  "processing_time_ms": 312.45,
  "timestamp": 1673234567.123
}
```

- `is_safe`: Boolean indicating if content is safe
- `category`: Content classification (`safe`, `harmful_content`, `policy_violation`, `injection_attempt`, `unsafe_content`)
- `confidence`: Analysis confidence level (`high`, `medium`, `low`)
- `reason`: Human-readable explanation of the decision
- `analysis.guards`: Summary of guard results (anonymized)
- `analysis.keyword_filter`: Keyword filtering summary
- `analysis.consensus`: Whether all guards agreed
- `processing_time_ms`: Processing time in milliseconds
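In a Python client, decisions can be driven off `is_safe` and `analysis.consensus`. A minimal sketch, assuming the documented response shape; the helper names `should_block` and `needs_review` are ours, not part of the API:

```python
# Interpret a parsed /check response (dict mirrors the documented shape).
# should_block / needs_review are illustrative helpers, not API calls.
def should_block(resp: dict) -> bool:
    """Fail closed: anything not explicitly marked safe is blocked."""
    return not resp.get("is_safe", False)

def needs_review(resp: dict) -> bool:
    """Flag responses where the guards disagreed, even if one passed."""
    return not resp.get("analysis", {}).get("consensus", True)

safe_resp = {"is_safe": True, "analysis": {"consensus": True}}
unsafe_resp = {"is_safe": False, "analysis": {"consensus": False}}

print(should_block(safe_resp))    # False
print(should_block(unsafe_resp))  # True
print(needs_review(unsafe_resp))  # True
```

Failing closed (treating a missing or malformed `is_safe` as unsafe) is a deliberate choice here, matching the firewall's fail-safe design goal.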
Health Check:

```
curl http://localhost:5001/health
```

Get Current Keywords:

```
curl http://localhost:5001/keywords
```

Update Keywords:

```
curl -X PUT http://localhost:5001/keywords \
  -H "Content-Type: application/json" \
  -d '{"keywords": ["malware", "hack"], "regex_patterns": ["\\bpassword\\b"]}'
```

Get Statistics:

```
curl http://localhost:5001/stats
```

The API returns appropriate HTTP status codes:
- 200: Success
- 400: Bad request (missing fields, invalid JSON)
- 403: License validation failed
- 500: Internal server error
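A client might map these status codes to actions along the following lines. This is a sketch: the action names and retry policy are our choices, not something the API prescribes.

```python
# Map /check HTTP status codes to a client-side action.
# Action names below are illustrative, not part of the API.
def classify_api_error(status: int) -> str:
    if status == 200:
        return "ok"
    if status == 400:
        return "fix_request"     # malformed JSON or missing fields
    if status == 403:
        return "renew_license"   # license validation failed
    if status == 500:
        return "retry_or_alert"  # server-side failure; retry with backoff
    return "unexpected"

print(classify_api_error(403))  # renew_license
print(classify_api_error(500))  # retry_or_alert
```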
All error responses include:

```json
{
  "error": "Error description",
  "request_id": "unique-request-id",
  "message": "Detailed error message"
}
```

Main configuration is in `config/config.json`:
- Keyword Filter: Enable/disable, blacklist files, short-circuit behavior
- AI Guards: Model configurations, category mappings, thresholds
- Categories: Unified category system, conflict resolution strategies
- API: Host, port, logging settings
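A hypothetical `config.json` fragment covering these areas might look like the following. The key names below are illustrative only; consult the shipped `config/config.json` for the real schema.

```json
{
  "keyword_filter": {
    "enabled": true,
    "blacklist_files": ["config/blacklists/default.txt"],
    "short_circuit": true
  },
  "guards": [
    {"id": "guard_1", "model": "llama-guard-3", "threshold": 0.5},
    {"id": "guard_2", "model": "granite-guardian", "threshold": 0.5}
  ],
  "categories": {
    "conflict_resolution": "strictest"
  },
  "api": {
    "host": "0.0.0.0",
    "port": 5001,
    "log_level": "INFO"
  }
}
```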
- License-based Access: Time-limited, encrypted licenses
- Fail-safe Design: Graceful degradation with safety fallbacks
- Docker Isolation: Containerized deployment options
- Category Mapping: Unified threat classification system
- Sanitized Responses: Implementation details protected from clients
- Comprehensive Logging: Detailed audit trails for analysis and monitoring
- Timeout Protection: Prevents hanging operations with automatic fallbacks
```
cd deployment/scripts

# Generate client package with license
python build_client_image.py \
  --customer "Client Name" \
  --tag "firewall:client-v1.0" \
  --secret "master-secret-key" \
  --days 180
```

```
# Build standalone binary
python deployment/scripts/build_binary.py
```

To add a new guard:

- Create a new guard class extending `BaseGuard`
- Implement the `initialize()` and `check_content()` methods
- Register it in the `firewall.py` guard registry
- Add its configuration to `config.json`
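A new guard might look roughly like this. It is a sketch: the real `BaseGuard` interface lives in `src/guards/base_guard.py` and may differ, so a minimal stand-in base class is defined inline to keep the example self-contained.

```python
# Sketch of a custom guard. The stand-in BaseGuard below only mirrors
# the two documented methods; the real one is in src/guards/base_guard.py.
from abc import ABC, abstractmethod

class BaseGuard(ABC):  # stand-in, not the real base class
    @abstractmethod
    def initialize(self) -> None: ...
    @abstractmethod
    def check_content(self, text: str) -> dict: ...

class PhraseThreatGuard(BaseGuard):
    """Toy guard that flags a fixed set of phrases."""

    def initialize(self) -> None:
        # A real guard would load model weights here (e.g. LLaMA Guard 3).
        self.phrases = {"build a bomb", "steal credentials"}

    def check_content(self, text: str) -> dict:
        lowered = text.lower()
        for phrase in self.phrases:
            if phrase in lowered:
                return {"status": "flagged", "category": "harmful_content"}
        return {"status": "safe", "category": "safe"}

guard = PhraseThreatGuard()
guard.initialize()
print(guard.check_content("how to steal credentials")["status"])  # flagged
```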
To add a new filter:

- Create a filter class in `src/filters/`
- Implement the filtering logic
- Integrate it into the `firewall.py` pipeline
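A filter following those steps could be sketched like this; the `check` method signature is our assumption, chosen to resemble the keyword-filter summary shown in the API responses, and may not match `keyword_filter.py` exactly.

```python
# Sketch of a custom filter for src/filters/ (illustrative interface;
# mirror keyword_filter.py in the real codebase when implementing).
import re

class UrlFilter:
    """Toy filter that flags raw URLs in incoming text."""
    URL_RE = re.compile(r"https?://\S+")

    def check(self, text: str) -> dict:
        matches = self.URL_RE.findall(text)
        return {"status": "flagged" if matches else "safe",
                "matches_found": len(matches)}

f = UrlFilter()
print(f.check("visit http://evil.example now")["status"])  # flagged
print(f.check("no links here")["matches_found"])           # 0
```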
- Python: 3.8+
- Memory: 4GB+ RAM (8GB recommended)
- Storage: 10GB+ for models
- Network: Internet access for model downloads
- Docker: For containerized deployment
This software requires a valid license key for operation. Contact your vendor for licensing information.
- Check Documentation: Relevant guides in the `docs/` directory
- Review Logs: Check `logs/firewall.log` for errors
- Run Health Check: `curl http://localhost:5001/health`
- Contact Vendor: For licensing and support issues
- Feedback loop: Add a client-side control for reporting mislabeled content (false positives/negatives) back to the server.