=====General=====

I use a Perl script that was written by Alex. I added some features like multiple dialup interfaces and a blacklist.

=====Description=====

The Perl script is called {{.:firewall:myfw.pl}} and has a couple of options. The basic ones are the configuration file and the blacklist file. Your network address and the IPs of your local machines should be set at the top of the script.

====Config file====

The configuration file consists of lines of iptables commands, shortened by omitting the ''iptables'' command name itself. Variables can be used in these lines. See {{.:firewall:fw_start_short.conf}} and {{.:firewall:fw_stop.conf}}.

====Black list====

The black list is a file with one IP per line, optionally followed by a comment. Each line in the configuration file that contains the variable $BLACKLIST is executed once for every line in the black list. See {{.:firewall:black.list}}.

====Start script and Installation====

The script {{.:firewall:firewall}} was written for SuSE 8.2 but works fine with Debian and other versions. I recommend copying it to ''/etc/init.d/'' and making a link to ''/etc/init.d/rc{3,5}.d/SXXfirewall'', where XX is a number high enough that the network is already up when the script runs. The configuration files should go to ''/etc/firewall/'' and ''myfw.pl'' should reside in ''/usr/local/sbin''.

====Generate black list from webserver log====

I had trouble with some sex sites that used a script to get high up in my "People came here from" list. To avoid the traffic and get rid of them I wrote this IP-based black list. To generate it automatically I have written two very tiny scripts. {{.:firewall:logfilescanner.pl}} reads a logfile from the SnipSnap webserver or from an Apache webserver and extracts all hostnames. {{.:firewall:host2ip.sh}} converts the list of hostnames into a black list file with comments.

Complete command line:

<code bash>./logfilescanner.pl < logfile.log | ./host2ip.sh | sort > black.list</code>

{{tag>computing}}
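The config-file and black-list semantics above (shortened iptables lines, ''$NAME'' variables, and one command per black-list entry for every line containing ''$BLACKLIST'') can be tried out with the following stand-alone Python script. It is an added example written for this page, not the page's own ''myfw.pl''; the variable names ''LAN'' and ''LANIF'', the sample config and the sample black list are constructed, and the script only renders the commands instead of running them.

```python
"""Expand a shortened iptables config into full commands (dry run).

Added example: a stand-alone reimplementation of the config-file semantics
described on this page, not the page's own myfw.pl. The variable names LAN
and LANIF, and the sample config and black list below, are constructed.
"""
import re

# Constructed config in the page's shortened form: each line is an iptables
# invocation without the leading "iptables"; $NAME is a variable.
SAMPLE_CONFIG = """\
# flush, default policies
-F
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -s $LAN -i $LANIF -j ACCEPT
# this line is repeated once per black-list entry
-A INPUT -s $BLACKLIST -j DROP
-A INPUT -p tcp --dport 22 -j ACCEPT
"""

# Constructed black list: one IP per line, optionally followed by a comment.
SAMPLE_BLACKLIST = """\
# constructed entries
192.0.2.10   # referrer spammer
198.51.100.7 another-spam-host
203.0.113.5
"""

SAMPLE_VARS = {"LAN": "192.168.1.0/24", "LANIF": "eth0"}

VAR_RE = re.compile(r"\$(\w+)")
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def _strip(raw):
    """Drop a trailing '# comment' and surrounding whitespace."""
    return raw.split("#", 1)[0].strip()


def parse_blacklist(text):
    """Return the IPs of a black list; anything after the IP is a comment."""
    ips = []
    for raw in text.splitlines():
        line = _strip(raw)
        if not line:
            continue
        ip = line.split()[0]
        if not IPV4_RE.match(ip) or any(int(o) > 255 for o in ip.split(".")):
            # a malformed entry would otherwise end up as an iptables argument
            raise ValueError(f"invalid black-list entry: {raw!r}")
        ips.append(ip)
    return ips


def undefined_variables(config_text, variables):
    """Names used as $NAME in the config that neither `variables` nor
    $BLACKLIST supply; check this before loading a firewall."""
    names = set()
    for raw in config_text.splitlines():
        for name in VAR_RE.findall(_strip(raw)):
            if name != "BLACKLIST" and name not in variables:
                names.add(name)
    return sorted(names)


def render_config(config_text, blacklist_text, variables, iptables="iptables"):
    """Expand config_text into a list of complete iptables command lines."""
    missing = undefined_variables(config_text, variables)
    if missing:
        raise KeyError(f"undefined variables: {missing}")
    blacklist = parse_blacklist(blacklist_text)
    commands = []
    for raw in config_text.splitlines():
        line = _strip(raw)
        if not line:
            continue
        # a $BLACKLIST line becomes one command per black-list IP
        expansions = ([line.replace("$BLACKLIST", ip) for ip in blacklist]
                      if "$BLACKLIST" in line else [line])
        for exp in expansions:
            exp = VAR_RE.sub(lambda m: variables[m.group(1)], exp)
            commands.append(f"{iptables} {exp}")
    return commands


if __name__ == "__main__":
    for cmd in render_config(SAMPLE_CONFIG, SAMPLE_BLACKLIST, SAMPLE_VARS):
        print(cmd)
```

The rendered lines are plain strings for inspection. If you do want to execute them, split each one with ''shlex.split'' and hand the argument list to ''subprocess.run'' without a shell, so that the contents of the black list (which may come from untrusted log data) are never interpreted by a shell; the strict IP check in ''parse_blacklist'' rejects anything that is not a plain dotted quad before it reaches a command line.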
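The log-to-black-list pipeline above (extract hostnames from a webserver log, turn them into "IP plus comment" lines) is shown here as an added Python example; it is not the page's ''logfilescanner.pl'' or ''host2ip.sh''. It assumes Apache combined-format log lines and takes the hostnames from the Referer field, which is where referrer spam shows up; the resolver is injectable so the script can be tested offline, and the log lines and hostnames are constructed.

```python
"""Generate a black list (IP plus comment) from web server log lines.

Added example, not the page's logfilescanner.pl or host2ip.sh: it reads
Apache combined-format lines, takes the hostnames from the Referer field
and resolves them through an injectable resolver so it can run offline.
The log lines below are constructed; the hostnames in them are not real.
"""
import re
import socket

COMBINED_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ '
    r'"(?P<referer>[^"]*)" "[^"]*"$'
)
URL_HOST_RE = re.compile(r'^https?://([^/:?#]+)')
# The Referer header is chosen by the client, so only well-formed DNS names
# are accepted; anything else is dropped instead of being handed to a
# resolver or to a shell pipeline such as host2ip.sh.
HOST_RE = re.compile(r'^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$')

# Constructed log lines in Apache combined format.
CONSTRUCTED_LOG = [
    '203.0.113.9 - - [10/Oct/2003:13:55:36 +0200] "GET /index.html HTTP/1.0" '
    '200 2326 "http://spam.example/page" "Mozilla/4.0"',
    '203.0.113.9 - - [10/Oct/2003:13:55:37 +0200] "GET /about HTTP/1.0" '
    '200 1200 "http://www.spam.example/" "Mozilla/4.0"',
    '198.51.100.4 - - [10/Oct/2003:14:01:02 +0200] "GET / HTTP/1.1" '
    '200 512 "-" "Lynx/2.8"',
    '198.51.100.5 - - [10/Oct/2003:14:02:10 +0200] "GET / HTTP/1.1" '
    '200 512 "http://not;a-host.example/" "curl/7.10"',
]


def referer_hosts(lines):
    """Distinct, validated hostnames from the Referer field, sorted."""
    hosts = set()
    for line in lines:
        m = COMBINED_RE.match(line)
        if not m:
            continue  # not a combined-format line
        u = URL_HOST_RE.match(m.group("referer"))
        if not u:
            continue  # "-" or no URL at all
        host = u.group(1).lower()
        if HOST_RE.match(host):
            hosts.add(host)
    return sorted(hosts)


def build_blacklist(hosts, resolve=socket.gethostbyname):
    """Resolve each host and return black-list lines 'IP<TAB># host ...'.
    Hosts that share an IP are merged into one line; unresolvable hosts
    are skipped."""
    by_ip = {}
    for host in hosts:
        try:
            ip = resolve(host)
        except OSError:
            continue  # socket.gaierror is an OSError
        by_ip.setdefault(ip, []).append(host)
    return [f"{ip}\t# {' '.join(sorted(names))}"
            for ip, names in sorted(by_ip.items())]


if __name__ == "__main__":
    print("\n".join(build_blacklist(referer_hosts(CONSTRUCTED_LOG))))
```

The output lines use the same "IP, then comment" layout the page's black list expects, so they can be sorted and dropped into ''/etc/firewall/''. Resolving referrer hostnames only gives you the address they resolve to at that moment; re-generate the list periodically rather than treating it as permanent.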