General

I use a Perl script that was written by Alex. I added some features like multiple dialup interfaces and a black list.

Description

The Perl script is called myfw.pl and has a couple of options. The basic ones are the configuration file and the black list file. Your network address and the IPs of your local machines have to be set at the top of the script.

Config file

The configuration file consists of lines of iptables commands, one rule per line, shortened by omitting the iptables command name itself. Variables can also be used in the lines.

See fw_start_short.conf and fw_stop.conf

Black list

The black list is a file with one IP per line, optionally followed by a comment. Each line of the configuration file that contains the variable $BLACKLIST is executed once for every entry in the black list.

See black.list

Start script and Installation

The start script firewall is written for SuSE 8.2 but works fine with Debian and other versions. I recommend copying it to /etc/init.d/ and making a link to it as /etc/init.d/rc{3,5}.d/SXXfirewall, where XX is a number high enough that the network is already up when the script runs. Note that this leaves a short window between the interface coming up and the rules being loaded; if that matters, set the default policies to DROP earlier in the boot sequence and only add the interface-specific rules here.

The configuration files should go to /etc/firewall/ and myfw.pl should reside in /usr/local/sbin.

Generate black list from webserver log

I had trouble with some sex sites that used a script to get high up in my “People came here from” list. To avoid the traffic and get rid of them I wrote this IP-based black list.

To generate the black list automatically I have written two very tiny scripts. logfilescanner.pl reads a logfile from the SnipSnap webserver or from an Apache webserver and extracts all hostnames.

host2ip.sh converts the list of hostnames to a black list file with comments.

Complete command line:

./logfilescanner.pl < logfile.log | ./host2ip.sh | sort > black.list
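The same pipeline as an added example that is not the page's logfilescanner.pl or host2ip.sh: it reads Apache combined-format log lines (the SnipSnap format is not covered here), pulls the hostnames out of the Referer field, and writes black.list lines with the hostname as the comment. The sample log lines are constructed, the own-host argument and the RESOLVE override are assumptions, and name resolution uses getent(1).

```shell
#!/bin/sh
# Added example, not the page's logfilescanner.pl / host2ip.sh: build black.list
# entries from the Referer field of Apache combined-format log lines.
# Assumed: combined log format (the Referer is the second quoted field), your own
# hostname is given as the first argument so links from your own pages are ignored,
# and RESOLVE may name a function that prints the IPv4 addresses of a hostname.

# Constructed sample log lines (RFC 5737 addresses, placeholder hostnames).
SAMPLE_LOG='203.0.113.5 - - [13/Nov/2008:22:19:01 +0100] "GET / HTTP/1.1" 200 512 "http://spam-referer.example/promo?x=1" "Mozilla/4.0"
203.0.113.5 - - [13/Nov/2008:22:19:02 +0100] "GET /a HTTP/1.1" 200 512 "http://SPAM-REFERER.example:8080/" "Mozilla/4.0"
198.51.100.9 - - [13/Nov/2008:22:19:03 +0100] "GET /b HTTP/1.1" 200 512 "-" "Mozilla/4.0"
198.51.100.9 - - [13/Nov/2008:22:19:04 +0100] "GET /c HTTP/1.1" 200 512 "http://www.mysite.example/index" "Mozilla/4.0"
192.0.2.77 - - [13/Nov/2008:22:19:05 +0100] "GET /d HTTP/1.1" 200 512 "http://$(id).example/" "Mozilla/4.0"
192.0.2.78 - - [13/Nov/2008:22:19:06 +0100] "GET /e HTTP/1.1" 200 512 "https://other-spam.example/" "Mozilla/4.0"'

# referer_hosts OWN-HOST: stdin = log lines, stdout = unique, sorted referer hostnames.
referer_hosts() {
    awk -F'"' -v own="$1" '
        NF < 4 { next }
        {
            ref = $4
            if (ref == "-" || ref == "") next
            if ((i = index(ref, "://")) > 0) ref = substr(ref, i + 3)    # drop scheme
            if ((i = index(ref, "/")) > 0)   ref = substr(ref, 1, i - 1) # drop path
            if ((i = index(ref, "?")) > 0)   ref = substr(ref, 1, i - 1) # drop query
            if ((i = index(ref, "@")) > 0)   ref = substr(ref, i + 1)    # drop userinfo
            if ((i = index(ref, ":")) > 0)   ref = substr(ref, 1, i - 1) # drop port
            ref = tolower(ref)
            # The Referer header is client-supplied and the result is written into a
            # file that a shell-driven script reads back: accept hostname characters only.
            if (ref !~ /^[a-z0-9][a-z0-9.-]*$/) next
            if (ref == tolower(own)) next
            seen[ref] = 1
        }
        END { for (h in seen) print h }' | sort
}

# resolve_host NAME: print the IPv4 addresses NAME resolves to, one per line (getent(1)).
resolve_host() {
    getent ahostsv4 "$1" 2>/dev/null | awk '$2 == "STREAM" { print $1 }'
}

# hosts_to_blacklist: stdin = hostnames, stdout = black.list lines "IP  # hostname".
# A name with several addresses yields one line per address; a name that does not
# resolve is reported on stderr and left out rather than blocked blindly.
hosts_to_blacklist() {
    while read -r host; do
        n=0
        for ip in $(${RESOLVE:-resolve_host} "$host"); do
            printf '%-18s # %s\n' "$ip" "$host"
            n=$((n + 1))
        done
        [ "$n" -gt 0 ] || printf 'hosts_to_blacklist: %s did not resolve\n' "$host" >&2
    done
}

# make_blacklist OWN-HOST < access.log > black.list
make_blacklist() {
    referer_hosts "$1" | hosts_to_blacklist | sort
}

# Offline demonstration of the log-scanning half on the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | referer_hosts www.mysite.example
```

On the sample the scanner yields two hosts: the two spellings of spam-referer.example collapse into one, the "-" referer and the link from the site itself are dropped, and the entry whose hostname contains $(id) is rejected rather than written into black.list. Two things are worth checking before loading the result: a referer host on shared hosting or behind a CDN resolves to addresses that many unrelated sites use as well, and a host with several A records produces several DROP rules, so review the generated file instead of feeding it to the firewall unseen.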

archive/firewall.txt · Last modified: 13.11.2008 22:19 (external edit)