| # | Source | Destination | Src Zone | Dst Zone | Protocol / Port | Risk Score | Zone Policy | Top Recommendation | PCI Issues | CIS Issues | NIST Issues | NIS2 Issues | DORA Issues | ATT&CK Issues |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
The Rules tab shows every compliance rule organized by framework (NIST, CIS, PCI-DSS, and more). Toggle entire frameworks on or off with the master switch, or drill down for granular per-rule control.
Disabled rules are excluded from validation results, letting you focus on the standards that matter for your environment. Your rule configuration is saved with your session file.
Each rule displays its ID, category, and a brief summary so you can quickly decide which rules apply.
Switch to the Zones tab to define your network segments. Add zones by name, then assign subnets (CIDR notation) to each zone.
The zone-to-zone policy matrix lets you set default actions -- Allow, Review, or Deny -- for traffic between any pair of zones. Use the global toggles to quickly set all intra-zone or inter-zone policies at once.
Zone configuration is saved with your session, so you only need to set it up once per project.
netbobr is ephemeral by default -- nothing is stored on a server and all data lives in your browser session. Use the Save button in the header to download your current configuration as a JSON file.
To restore a previous session, click Load and select your saved JSON file. This restores zones, policies, rule toggles, and any entered flows. Use Reset to clear everything and start fresh.
Your privacy is guaranteed: 100% browser-side processing means no network traffic leaves your machine during validation.
On the Manual Entry tab, enter a firewall flow by specifying source IP/subnet, destination IP/subnet, protocol, and port. Click Validate Flow to see instant compliance results.
You can add multiple flows (up to 20) in a single session and validate them all at once. Each flow gets its own result card with findings, risk score, and recommended actions.
Use the protocol auto-detect feature -- selecting a well-known port automatically sets the correct protocol.
After validation, results appear in a sortable table. Sort by source IP, destination IP, port, or verdict to find what you need quickly.
Click any row to expand findings -- each finding shows the triggered rule, severity, and remediation guidance. The overall risk score gives you an at-a-glance assessment of each flow.
Use the Export CSV button to download results for reporting, audits, or further analysis in your preferred spreadsheet tool.
For bulk validation, switch to the CSV Import tab. Click Download data template to get a pre-formatted CSV with the correct column headers.
Fill in up to 500 rows of firewall flows, then drag and drop your file onto the upload zone (or click to browse). netbobr validates all rows instantly and displays batch results.
Batch results support the same sorting and expansion as manual flows. Click Export findings CSV to get a detailed compliance report for your entire rule set.
netbobr's strength is rule quality assessment. It does not need resolved IPs to do useful work. It evaluates how broad your source and destination networks are and flags when a rule covers more hosts than you might expect. It checks the requested service and port exposure. It looks at the underlying protocol and whether it transmits data in plaintext or relies on weak default authentication. That is how the risk score is calculated.
On the compliance side, over 90% of findings are driven by protocol and port, not by IP address. netbobr catches those violations regardless of how the endpoints are addressed.
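The checks described above (zone lookup by CIDR, the zone-to-zone default action, network breadth, plaintext services on well-known ports), sketched as an added example. This is not netbobr's code: the zone names, the policy pairs, the 256-address threshold and the Deny fallback are assumptions made for illustration.

```javascript
// Added illustration, not netbobr's code. Zones, policy pairs and threshold are constructed.
const ZONES = { dmz: ["10.10.0.0/24"], internal: ["10.20.0.0/16"] };
const POLICY = { "dmz>internal": "Review", "internal>dmz": "Allow" };
const PLAINTEXT = { "tcp/21": "FTP", "tcp/23": "Telnet", "tcp/80": "HTTP" };
const BROAD_HOSTS = 256; // assumed cut-off for "covers more hosts than expected"

// Parse "a.b.c.d/n" (a bare IP counts as /32) into an inclusive numeric range.
function parseCidr(text) {
  const parts = text.trim().split("/");
  const [ip, len = "32"] = parts;
  const octets = ip.split(".");
  const valid = parts.length <= 2 && octets.length === 4 &&
    octets.every(o => /^\d{1,3}$/.test(o) && Number(o) <= 255) &&
    /^\d{1,2}$/.test(len) && Number(len) <= 32;
  if (!valid) throw new Error(`invalid IPv4 CIDR: ${text}`);
  const addr = octets.reduce((acc, o) => acc * 256 + Number(o), 0);
  const size = 2 ** (32 - Number(len));
  const first = Math.floor(addr / size) * size; // drop host bits
  return { first, last: first + size - 1, size };
}

// A network maps to a zone only when it fits entirely inside one zone subnet.
function zoneOf(net) {
  for (const [name, cidrs] of Object.entries(ZONES)) {
    const inside = cidrs.map(parseCidr)
      .some(z => net.first >= z.first && net.last <= z.last);
    if (inside) return name;
  }
  return null; // unknown, or broad enough to span zones
}

function assessFlow({ src, dst, protocol, port }) {
  const s = parseCidr(src), d = parseCidr(dst);
  const srcZone = zoneOf(s), dstZone = zoneOf(d);
  const findings = [];
  if (s.size >= BROAD_HOSTS) findings.push(`source covers ${s.size} addresses`);
  if (d.size >= BROAD_HOSTS) findings.push(`destination covers ${d.size} addresses`);
  const service = PLAINTEXT[`${protocol.toLowerCase()}/${port}`];
  if (service) findings.push(`${service} transmits data in plaintext`);
  // Pairs missing from the matrix fall back to Deny (assumption).
  const zonePolicy = POLICY[`${srcZone}>${dstZone}`] ?? "Deny";
  return { srcZone, dstZone, zonePolicy, findings };
}

// Constructed sample flow: one DMZ host reaching the whole internal /16 over Telnet.
console.log(assessFlow({ src: "10.10.0.5", dst: "10.20.0.0/16", protocol: "TCP", port: 23 }));
```

A source such as `10.10.0.0/23` is wider than the sample DMZ subnet, so it maps to no zone and the flow falls back to Deny.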
netbobr operates at Layer 3/4 of the OSI model with a limited attempt at Layer 7 through service-name lookups on well-known ports. It cannot resolve FQDNs to IP addresses. A hostname like "api.stripe.com" returns different IPs by region, time of day, and CDN edge. A browser-based tool with no backend cannot perform DNS lookups, so netbobr is a static, client-side firewall request analyzer without FQDN resolution.
The tool also lacks coverage for custom port mappings. If a service runs on a non-standard port, netbobr will not recognise it. Custom port support may ship in a future release using the same principles that drive the existing engine.
netbobr is a client-side static analyzer. The built-in policies and the scoring engine behind them reflect years of hands-on network security work, tested and refined through daily use by the author.
FQDN support would require a server-side component and is significantly more complex than what netbobr does today. The same applies to cloud-native constructs like Azure service tags, AWS security group IDs, and Kubernetes labels. These are opaque references that mean nothing without querying the platform to resolve the underlying IPs, protocols, and ports. Both capabilities are on the radar if netbobr ever moves toward a commercial offering.