[Sderby] Auto generating firewall rules, is this possible?

Ashley Heath ashley.heath at bigfoot.com
Tue May 11 17:45:30 BST 2004


Hi all,

Anyone know of any way to put iptables (or some other software) into learn mode to automatically generate firewall rules in Linux? I don't want to have to trawl through masses of logs initially.

Are there any hardware firewall appliances that will also do the above?

Main reason being this is for an existing network that has been running for years and no one is really sure exactly what runs over it and what needs to be allowed or blocked. If we can get a list of rules then we can work through them and deny any that shouldn't be there. Denying everything and then opening ports where necessary is not really an option as this will impact business operations too much.

Any other suggestions welcome.

Cheers,
Ash






