Dynamic Blacklisting Iptables plus Firewall GUI for Bluequartz
In Use at AroundMyRoom
This is a perl daemon that uses a shell script and php front end.
Features
Easy Iptables configuration
Automated Whitelist and Blacklist
Protection against Attempted Service Exploits, it will Kill attacks with seconds
Completely configurable by web front end.
You will require the following Perl modules from cpan.
Proc::Daemon
Proc::PID::File
NetAddr::IP
Quickest way of getting these is by..
# perl -MCPAN -e 'install NetAddr::IP'
# perl -MCPAN -e 'install Proc::Daemon'
# perl -MCPAN -e 'install Proc::PID::File'
Download
Then as root..
tar -cxzf firewall.tgz
cp lists.xml /usr/sausalito/ui/menu/base/lists.xml
mkdir /usr/sausalito/ui/web/base/firewall
cp firewall.php /usr/sausalito/ui/web/base/firewall
mkdir /home/firewall
touch /home/firewall/blacklist
touch /home/firewall/whitelist
touch /home/firewall/ports
touch /home/firewall/udp
touch /home/firewall/ftp
cp rules /home/firewall
chown apache.apache /home/firewall -R
chmod 700 /home/firewall -R
cp iptables.sh /usr/bin/
chmod 755 /usr/bin/iptables.sh
cp monitor2.pl /usr/bin/
chmod 755 /usr/bin/monitor2.pl
Backup your /etc/cron.hourly/log_traffic replace it with the log_traffic file
supplied.
If you are ssh'd into your machine PLEASE put your PC's IP in the whitelist (one
entry per line) optional you can please netmask i.e 192.168.0.1/24
To start the Daemon:
Please restart your iptables using /etc/init.d/iptables -restart to make sure
the correct chains are in place to start with the first time you use this
/usr/bin/monitor2.pl
To stop the Daemon:
/usr/bin/monitor2.pl stop
You'll find a log file at:
/var/log/monitor_log
You can reduce the output to this log by setting the $log to 0 in the
monitor2.pl
The php front end will by available the next time you log in under "Network
Services" it will dynamically reload the settings to the daemon.
Please send some feedback and suggestions on further development.
Thanks
LEigh
[email protected]