
README: Thu Feb 24 13:56:03 CET 2000

*** DynFw for ipchains ***

VERSION: 0.2.1

Automatically respond to violations of firewall rules

DynFW for ipchains constantly checks /var/log/messages for packets denied by ipchains and responds by temporarily setting up firewall rules that deny any access from the originating IPs.
Optionally it can do an ident lookup before setting up the rules.

changes 0.2:
- using perl module tail instead of system's tail binary
- starting & stopping is handled by pid
- deleting rules after stopping
- insert rules after restarting
- dynamic reading of 'GOODPORTS' and 'FRIENDS' after changing these files

changes 0.2.1:
- deleting is handled by the main script
- 'dynfw delete IP' for deleting single IPs from the firewall
- translate all comments to "English"

short instructions: (for more information look at the source)

the script depends on:
ipchains, perl (requires Net-Ident, File-Tail, Time-HiRes modules)

  1. Make ipchains log violations (option -l)
  2. Set up a chain named "dynamic". It should be the first entry in your input chain

    /sbin/ipchains -N dynamic
    /sbin/ipchains -I input 1 -j dynamic

  3. configure the global config file 'dynfw_global.pl' to your needs
  4. edit file FRIENDS and GOODPORTS
  5. run it by 'dynfw start' and feel happy.

Check the log file /var/log/dynfwlog. Stop it with 'dynfw stop'.
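
The decision logic described above (read denied-packet lines, skip exempt sources and ports, block each remaining source once in the "dynamic" chain), as an added Python illustration; it is not DynFW's own Perl code. Assumptions: the usual ipchains "Packet log:" kernel line format, FRIENDS holding addresses or networks that are never blocked, GOODPORTS holding destination ports whose denials are ignored, and a 600-second rule lifetime. The README does not define any of these.

```python
import ipaddress
import re

# Kernel line written by an ipchains rule with -l: chain, target, interface,
# protocol number, source ip:port, destination ip:port.
LOG_RE = re.compile(
    r"kernel: Packet log: (?P<chain>\S+) DENY (?P<iface>\S+) PROTO=\d+ "
    r"(?P<src>[\d.]+):\d+ [\d.]+:(?P<dport>\d+) "
)
BLOCK_SECONDS = 600  # assumed lifetime of a temporary rule

def parse_denied(line):
    """Return (source_ip, dest_port) for a DENY log line, else None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    try:
        src = ipaddress.IPv4Address(m.group("src"))
    except ValueError:  # mangled address such as 999.1.1.1
        return None
    return str(src), int(m.group("dport"))

def plan_blocks(lines, friends, goodports, now):
    """Return {ip: expiry_time} for sources that should get a DENY rule."""
    friend_nets = [ipaddress.ip_network(f) for f in friends]
    blocks = {}
    for line in lines:
        hit = parse_denied(line)
        if hit is None:
            continue
        ip, dport = hit
        if dport in goodports or any(ipaddress.ip_address(ip) in n for n in friend_nets):
            continue  # exempt port or exempt source: never block
        blocks.setdefault(ip, now + BLOCK_SECONDS)  # one rule per source
    return blocks

def rule_command(ip):
    """argv list (no shell): the address was read from a log file."""
    return ["/sbin/ipchains", "-I", "dynamic", "1", "-s", ip, "-j", "DENY"]

# Constructed sample lines, not taken from a real system.
SAMPLE_LOG = [
    "Feb 24 13:40:01 gw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.7:4021 192.0.2.1:23 L=60 S=0x00 I=4711 F=0x4000 T=52 -y (#4)",
    "Feb 24 13:40:02 gw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.7:4022 192.0.2.1:111 L=60 S=0x00 I=4712 F=0x4000 T=52 -y (#4)",
    "Feb 24 13:40:03 gw kernel: Packet log: input DENY eth0 PROTO=6 198.51.100.9:1030 192.0.2.1:113 L=60 S=0x00 I=99 F=0x4000 T=60 -y (#4)",
    "Feb 24 13:40:04 gw kernel: Packet log: input DENY eth0 PROTO=17 192.0.2.50:2200 192.0.2.1:161 L=72 S=0x00 I=7 F=0x0000 T=64 (#4)",
    "Feb 24 13:40:05 gw kernel: Packet log: input ACCEPT eth0 PROTO=6 203.0.113.80:3000 192.0.2.1:80 L=60 S=0x00 I=1 F=0x4000 T=50 -y (#2)",
]
```

Because source addresses in denied packets can be forged, the exempt list is what keeps such a responder from locking out hosts you depend on.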

feedback and bug reports: marcus.schopen@uni-bielefeld.de

