Informatik, Modellbau und Privates von Georg

Firewall

Created by georg. Last edited by georg, 4 years and 55 days ago. Viewed 683 times. #13
attachments
black.list (22)
firewall (1772)
fw_start_short.conf (8856)
fw_stop.conf (3018)
host2ip.sh (302)
logfilescanner.pl (203)
myfw.pl (3281)

General

I use a Perl script that was written by alex. I added some features like multiple dialup interfaces and a blacklist.

Description

The Perl script is called myfw.pl and has a couple of options. The basic ones are the configuration file and the blacklist file. Your network address and the IPs of your local machines should be modified at the top of the script.

Config file

The configuration file consists of lines of iptables commands, shortened by omitting the "iptables" command name. Additionally, variables can be used in the lines.

See >>fw_start_short.conf and >>fw_stop.conf

Black list

The black list is a file that contains one IP per line, optionally followed by a comment. Each line in the configuration file that contains the variable $BLACKLIST is executed once for each line in the black list.

See >>black.list

Start script and Installation

The script >>firewall is written for SuSE 8.2, but it should also run under newer versions. I recommend copying it to /etc/init.d/ and making a link to /etc/init.d/rc.{3,5}/SXXfirewall, where XX is a number high enough that your network is already loaded.

The configuration files should go in /etc/filewall/ and myfw.pl should reside in /usr/local/sbin.

Generate black list from webserver log

I had trouble with some sex sites that used a script to come high up in my "People came here from" list. To avoid traffic and get rid of them, I wrote this IP-based black list.

To generate the black list automatically I have written two very tiny scripts. >>logfilescanner.pl reads a logfile from a snipsnap webserver or from an apache webserver and extracts all hostnames.

>>host2ip.sh converts the list of hostnames to a black list file with comments.

Complete command line:

./logfilescanner.pl < logfile.log | ./host2ip.sh | sort > black.list
