Dynamic Blacklisting Iptables plus Firewall GUI for Bluequartz

In Use at AroundMyRoom


This is a perl daemon that uses a shell script and php front end.
Features
Easy Iptables configuration
Automated Whitelist and Blacklist
Protection against attempted service exploits: it will kill attacks within seconds
Completely configurable by web front end.
You will require the following Perl modules from CPAN.
Proc::Daemon
Proc::PID::File
NetAddr::IP
The quickest way of getting these is:
# perl -MCPAN -e 'install NetAddr::IP'
# perl -MCPAN -e 'install Proc::Daemon'
# perl -MCPAN -e 'install Proc::PID::File'
Download
Then as root..

tar -xzf firewall.tgz


cp lists.xml /usr/sausalito/ui/menu/base/lists.xml
mkdir /usr/sausalito/ui/web/base/firewall
cp firewall.php /usr/sausalito/ui/web/base/firewall

mkdir /home/firewall
touch /home/firewall/blacklist
touch /home/firewall/whitelist
touch /home/firewall/ports
touch /home/firewall/udp
touch /home/firewall/ftp

cp rules /home/firewall

chown apache.apache /home/firewall -R
chmod 700 /home/firewall -R

cp iptables.sh /usr/bin/
chmod 755 /usr/bin/iptables.sh
cp monitor2.pl /usr/bin/
chmod 755 /usr/bin/monitor2.pl


Back up your /etc/cron.hourly/log_traffic and replace it with the log_traffic file supplied.


If you are ssh'd into your machine, PLEASE put your PC's IP in the whitelist (one entry per line). Optionally you can include a netmask, e.g. 192.168.0.1/24.
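The following is an added example, not code from the daemon itself: it shows how whitelist entries in the format described above (plain IPs or CIDR networks, one per line) can be parsed with NetAddr::IP, the module the daemon requires, and consulted before an address is blacklisted, so that the admin's own ssh client is never blocked. The function names are hypothetical and the sample entries are constructed.

```perl
# Added example (not part of the original daemon): check a candidate
# address against whitelist entries, one per line, optional netmask.
use strict;
use warnings;
use NetAddr::IP;

# Parse whitelist lines into NetAddr::IP objects. Blank lines and lines
# starting with '#' are ignored; malformed entries are reported and
# skipped rather than silently widening or narrowing the whitelist.
sub parse_whitelist {
    my @lines = @_;
    my @nets;
    for my $line (@lines) {
        chomp $line;
        $line =~ s/^\s+|\s+$//g;
        next if $line eq '' || $line =~ /^#/;
        my $net = NetAddr::IP->new($line);
        if (!defined $net) {
            warn "whitelist: skipping malformed entry '$line'\n";
            next;
        }
        push @nets, $net;
    }
    return @nets;
}

# True if $addr falls inside any whitelisted host or network.
sub is_whitelisted {
    my ($addr, @nets) = @_;
    my $ip = NetAddr::IP->new($addr) or return 0;
    for my $net (@nets) {
        return 1 if $net->contains($ip);
    }
    return 0;
}

# Guard to run before adding a source to the blacklist: a whitelisted
# address (e.g. the admin's own ssh client) must never be blocked.
sub should_blacklist {
    my ($addr, @nets) = @_;
    return !is_whitelisted($addr, @nets);
}

# Constructed sample entries; in practice read /home/firewall/whitelist.
my @whitelist = parse_whitelist("192.168.0.1/24\n", "10.0.0.5\n", "# comment\n", "192.168.0.999\n");
for my $src (qw(192.168.0.77 10.0.0.5 203.0.113.9)) {
    printf "%-14s %s\n", $src, should_blacklist($src, @whitelist) ? 'blacklist' : 'whitelisted, skip';
}
```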

To start the Daemon:

The first time you use this, restart iptables with /etc/init.d/iptables restart to make sure the correct chains are in place, then start the daemon with:
/usr/bin/monitor2.pl

To stop the Daemon:

/usr/bin/monitor2.pl stop

You'll find a log file at:

/var/log/monitor_log

You can reduce the output to this log by setting $log to 0 in monitor2.pl.

The PHP front end will be available the next time you log in, under "Network Services"; it will dynamically reload the settings into the daemon.

Please send some feedback and suggestions on further development.

Thanks

Leigh