[Sderby] Auto generating firewall rules, is this possible?
Patrick Barber
patrick.barber at tiscali.co.uk
Tue May 11 20:53:29 BST 2004
Ashley Heath wrote:
>Hi all,
>
>Anyone know of any way to put iptables (or some other software) into learn mode to automatically generate firewall rules in Linux. I don't want to have to trawl through masses of logs initially.
>
>Are there any hardware firewall appliances that will also do the above?
>
>Main reason being this is for an existing network that has been running for years and no one is really sure exactly what runs over it and what needs to be allowed or blocked. If we can get a list of rules then we can work through them and deny any that shouldn't be there. Denying everything and then opening ports where necessary is not really an option as this will impact business operations too much.
>
>Any other suggestions welcome.
>
>Cheers,
>Ash
The only device I can think of that will produce a list of what's running
over a WAN link like this is a Packeteer PacketShaper
(http://www.packeteer.com/). As for firewall rules, not wishing to teach
people to suck eggs, the basics should be:
HTTP(S) to anything
DNS to named servers
POP3/IMAP to named servers
SMTP to named servers
other things should be to named servers
--
<regards>
Patrick Barber
email: patrick.barber at tiscali.co.uk
irc Channel: irc.lug.org #sderby
Registered Linux User #332139
http://counter.li.org
<thought>
Is the light at the end of the tunnel an on coming train
</thought>
</regards>
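As an added example (not part of Patrick's or Ash's posts), here is one way to get something close to the "learn mode" Ash asked for on a Linux gateway, starting from the basic ruleset Patrick lists. The script writes an iptables-restore file for the FORWARD chain that accepts HTTP(S) anywhere and DNS/POP3/IMAP/SMTP only to named servers; everything else falls through to a LOG rule. With learn_mode=True the chain policy stays ACCEPT, so nothing is blocked while the log fills up; the second half of the script summarises those log lines into candidate rules, commented out, for a human to approve before the policy is flipped to DROP. The 192.0.2.x / 198.51.100.x / 203.0.113.x addresses, the FW-UNKNOWN log prefix, the interface names and the sample log lines are all constructed for the example.

```python
import re
from collections import Counter

# Constructed sample of netfilter LOG output (not real traffic). The field
# layout is what the kernel's LOG target writes to syslog.
SAMPLE_LOG = """\
May 11 21:00:01 gw kernel: FW-UNKNOWN: IN=eth1 OUT=eth0 SRC=10.0.0.21 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4321 DF PROTO=TCP SPT=40122 DPT=445 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 21:00:03 gw kernel: FW-UNKNOWN: IN=eth1 OUT=eth0 SRC=10.0.0.21 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4322 DF PROTO=TCP SPT=40123 DPT=445 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 21:00:09 gw kernel: FW-UNKNOWN: IN=eth1 OUT=eth0 SRC=10.0.0.35 DST=203.0.113.9 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=99 DF PROTO=UDP SPT=1024 DPT=161 LEN=32
May 11 21:00:10 gw kernel: FW-UNKNOWN: IN=eth1 OUT=eth0 SRC=10.0.0.35 DST=203.0.113.9 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=100 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
"""

LOG_PREFIX = "FW-UNKNOWN: "   # assumed prefix; anything unique will do


def build_ruleset(dns_servers, mail_servers, smtp_servers, learn_mode=True):
    """Return an iptables-restore file implementing the basic policy.

    learn_mode=True keeps the FORWARD policy at ACCEPT so unexpected traffic
    is logged but still passes; set it to False once the log has been
    reviewed and the missing rules have been added.
    """
    policy = "ACCEPT" if learn_mode else "DROP"
    lines = ["*filter",
             ":INPUT ACCEPT [0:0]",
             f":FORWARD {policy} [0:0]",
             ":OUTPUT ACCEPT [0:0]",
             # Replies to connections we already allowed.
             "-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"]
    # HTTP(S) to anything.
    for port in (80, 443):
        lines.append(f"-A FORWARD -p tcp --dport {port} -j ACCEPT")
    # DNS to named servers (UDP and TCP, for large answers and zone transfers).
    for srv in dns_servers:
        for proto in ("udp", "tcp"):
            lines.append(f"-A FORWARD -d {srv} -p {proto} --dport 53 -j ACCEPT")
    # POP3/IMAP (plain and TLS) to named servers.
    for srv in mail_servers:
        for port in (110, 143, 995, 993):
            lines.append(f"-A FORWARD -d {srv} -p tcp --dport {port} -j ACCEPT")
    # SMTP to named servers.
    for srv in smtp_servers:
        lines.append(f"-A FORWARD -d {srv} -p tcp --dport 25 -j ACCEPT")
    # Everything else: log the first packet of each new flow, rate-limited so
    # a scan cannot fill the disk, then fall through to the chain policy.
    lines.append("-A FORWARD -m state --state NEW -m limit --limit 10/min "
                 f"--limit-burst 100 -j LOG --log-prefix \"{LOG_PREFIX}\" --log-level 6")
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"


def summarize_log(text):
    """Count logged flows by (PROTO, DST, DPT); DPT is '-' when absent (ICMP)."""
    counts = Counter()
    for line in text.splitlines():
        if LOG_PREFIX not in line:
            continue
        fields = dict(tok.split("=", 1) for tok in line.split() if "=" in tok)
        counts[(fields.get("PROTO"), fields.get("DST"), fields.get("DPT", "-"))] += 1
    return counts


def suggest_rules(counts):
    """Turn the summary into commented-out candidate ACCEPT rules, busiest first.

    They are left commented so each one has to be consciously approved before
    it goes into the ruleset; that is the review step Ash wanted.
    """
    rules = []
    for (proto, dst, dport), n in sorted(counts.items(), key=lambda kv: -kv[1]):
        port = "" if dport == "-" else f" --dport {dport}"
        rules.append(f"# {n} hit(s): -A FORWARD -d {dst} -p {proto.lower()}{port} -j ACCEPT")
    return rules


if __name__ == "__main__":
    print(build_ruleset(["192.0.2.53"], ["192.0.2.10"], ["192.0.2.25"]))
    for rule in suggest_rules(summarize_log(SAMPLE_LOG)):
        print(rule)
```

Load the generated file with `iptables-restore < rules.txt` on the gateway, leave it in learn mode for a full business cycle (month-end jobs and backups included, or they will be the first thing you break), feed the syslog output through summarize_log, and only then switch learn_mode to False. The summary groups on destination and port rather than source, which matches Patrick's "to named servers" shape; a single SRC in the log is worth a second look regardless of how many hits it has.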