Computer science, model building and personal matters by Georg

Changes of Firewall from #9 to #10

Changed lines at line 3
3: The perl script is calles myfw.pl and has a couple of options. The basic ones are the configuration file and the blacklist file. You network address and the IPs of you local machines should be modified at the top of the script.
4: The configuation file consists of lines of iptables commands that are a bit shortened by omitting the "iptables" command name. Additionally one can use variables in the lines.
5: The black list is a file that contains in each line an IP and maybe a comment. The IPs can be used in the configuation file with the variable $BLACKLIST.
6: 1 Examples
7: 1 Description
8: The perl script is calles myfw.pl and has a couple of options. The basic ones are the configuration file and the blacklist file. You network address and the IPs of you local machines should be modified at the top of the script.
9: 1.1 Config file
10: The configuation file consists of lines of iptables commands that are a bit shortened by omitting the "iptables" command name. Additionally one can use variables in the lines.
11: See {link:fw_start_short.conf|http://snipsnap.flexman.homeip.net/space/Firewall/fw_start_short.conf} and {link:fw_stop.conf|http://snipsnap.flexman.homeip.net/space/Firewall/fw_stop.conf}
12: 1.1 Black list
13: The black list is a file that contains in each line an IP and maybe a comment. Each line in the configuration file that contains the variable $BLACKLIST will be executed for each line in the black list.
14: See {link:black.list|http://snipsnap.flexman.homeip.net/space/Firewall/black.list}
15: 1.1 Start script and Installation
16: The script {link:firewall|http://snipsnap.flexman.homeip.net/space/Firewall/firewall} is written for SuSE 8.2 but it should also run under newer versions. I recommend to copy it to /etc/init.d/ and make a link to /etc/init.d/rc.{3,5}/SXXfirewall where XX is a number high enough that you network is loaded.
17: The configuration files should go the /etc/filewall/ and the myfw.pl should reside in /usr/local/sbin.
18: 1.1 Generate black list from webserver log
19: I had trouble that some sex-sites have used a script to come come high up in my "People came here from" list. To avoid traffic and get rid of them I wrote this IP-based black list.
20: To generate the black list automatically I have written two very tiny scripts. {link:logfilescanner.pl|http://snipsnap.flexman.homeip.net/space/Firewall/logfilescanner.pl} reads a logfile from snipsnap webserver or from an apache webserver and extract all hostnames.
21: {link:host2ip.sh|http://snipsnap.flexman.homeip.net/space/Firewall/host2ip.sh} converts the list of hostnames to a list black list file with comments.
22: complete commandline:
23: {code:shell}
24: ./logfilescanner.pl < 2004_07_08.request.log | ./host2ip.sh | sort > black.list
25: {code}
26:
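Review bot: The new section "Generate black list from webserver log" (lines 18 to 24) pipes hostnames extracted from a request log, which remote clients can influence, straight into black.list with no review step, and line 13 says every configuration line containing $BLACKLIST is executed once per black-list entry, so each of those entries becomes an iptables rule. Please document a filtering step before `sort > black.list` that drops entries resolving to the network address and local machine IPs that line 8 says are set at the top of myfw.pl, and state that the `>` redirect replaces the previous list instead of appending to it. Smaller points: the typos from the old lines 3 and 4 ("calles", "configuation", "You network") are carried unchanged into lines 8 and 10; line 17 reads "should go the /etc/filewall/", which is missing "to" and where "filewall" looks like a typo for "firewall"; line 19 has "come come"; and line 16 leaves "XX" undefined beyond "high enough", so naming the service it has to start after would help.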
