IPTables default/template rule database

Hi All,

I was thinking about creating a default/template rule database for IPTables. Something similar to rule database defined for mod_security and regular expression library.

Probably something wiki like, where users can contribute their own IPTables rules to the main database (as well as the documentation and maybe a unit test utility?)

Does anyone have any feedback about this? Good idea? Useless idea? Perhaps something like this is already out there and I missed it? Etc.

Serg

RE: IPTables default/template rule database

This is a really good idea. If we are talking about a template rules db, we must have a view about all IDS, worm, virus (content filtering from patch-o-matic), ...

Actually, I had created for myself, and it'd taken so much time.

I'm in.

--------
Quan

-----Original Message-----
From: listbounce@... [mailto:listbounce@...] On Behalf Of Serg B.
Sent: Thursday, October 12, 2006 10:44 PM
To: firewalls@...; LUV
Subject: IPTables default/template rule database

Hi All,

I was thinking about creating a default/template rule database for IPTables. Something similar to rule database defined for mod_security and regular expression library.

Probably something wiki like, where users can contribute their own IPTables rules to the main database (as well as the documentation and maybe a unit test utility?)

Does anyone have any feedback about this? Good idea? Useless idea? Perhaps something like this is already out there and I missed it? Etc.

Serg

Re: IPTables default/template rule database

Hi Serg,

Is what you are suggesting to create a repository of "recipes" that create access control lists to handle particular events, which would be described by the submitter or author of the recipe?

For example if Serg wanted to share his recommended set of access control lists for his newly released application he could specify rule(s), which would be made up of a description, a port, a protocol and a user defined source(s) or destination(s).

A user who wanted to use Serg's suggested recipe or template could then access the database, retrieve the information say in an XML format and then convert it to his appropriate firewall format, in this case IP tables?

Food for thought,

Leif

On 10/16/06, quan@... <quan@...> wrote:
> This is a really good idea. If we are talking about a template rules db, we
> must have a view about all IDS, worm, virus (content filtering from
> patch-o-matic), ...
>
> Actually, I had created for myself, and it'd taken so much time.
>
> I'm in.
>
> --------
> Quan

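The recipe-to-firewall conversion Leif describes above, as an added example that is not part of the original thread: since contributed recipes are untrusted input, every field is validated before it becomes an iptables argument. The XML element names, the `rule_to_argv` and `recipe_to_rules` functions and the sample recipe are assumptions; the thread only names the fields (description, port, protocol, source, destination).

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample recipe; element names are assumptions, not a real schema.
SAMPLE_RECIPE = """\
<recipe name="example-webapp">
  <rule>
    <description>Allow HTTPS from the office network</description>
    <protocol>tcp</protocol>
    <port>443</port>
    <source>192.0.2.0/24</source>
  </rule>
  <rule>
    <description>Allow syslog to the logging interface</description>
    <protocol>udp</protocol>
    <port>514</port>
    <destination>203.0.113.5</destination>
  </rule>
</recipe>
"""

ALLOWED_PROTOCOLS = {"tcp", "udp"}


def rule_to_argv(rule, chain="INPUT"):
    """Validate one <rule> element and return an iptables argument list."""
    proto = (rule.findtext("protocol") or "").strip().lower()
    if proto not in ALLOWED_PROTOCOLS:
        raise ValueError(f"unsupported protocol: {proto!r}")
    port_text = (rule.findtext("port") or "").strip()
    if not (port_text.isascii() and port_text.isdigit()) or not 1 <= int(port_text) <= 65535:
        raise ValueError(f"invalid port: {port_text!r}")
    argv = ["iptables", "-A", chain, "-p", proto, "--dport", str(int(port_text))]
    for tag, flag in (("source", "-s"), ("destination", "-d")):
        value = rule.findtext(tag)
        if value:
            # IPv4Network() raises ValueError for anything but an address or CIDR block.
            argv += [flag, str(ipaddress.IPv4Network(value.strip(), strict=False))]
    # Free text from the contributor: printable ASCII only, truncated, and passed
    # as a single argument rather than interpolated into a shell string.
    text = rule.findtext("description") or ""
    desc = "".join(c for c in text if c.isascii() and c.isprintable())[:200]
    if desc:
        argv += ["-m", "comment", "--comment", desc]
    return argv + ["-j", "ACCEPT"]


def recipe_to_rules(xml_text):
    """Convert every <rule> in a recipe document to an iptables argv list."""
    return [rule_to_argv(r) for r in ET.fromstring(xml_text).iter("rule")]
```

The rules come back as argument lists so they can be reviewed before use and run without a shell.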
Re: IPTables default/template rule database

Anything new about this from the last post I saw from Leif Hardison?
Overall it seems to be a good idea which I also mentioned before on some other lists.

Thanks
Bora

Leif Hardison wrote:
> Hi Serg,
>
> Is what you are suggesting to create a repository of "recipes" that
> create access control lists to handle particular events, which would
> be described by the submitter or author of the recipe?
>
> For example if Serg wanted to share his recommended set of access
> control lists for his newly released application he could specify
> rule(s), which would be made up of a description, a port, a protocol
> and a user defined source(s) or destination(s).
>
> A user who wanted to use Serg's suggested recipe or template could then
> access the database, retrieve the information say in an XML format and
> then convert it to his appropriate firewall format, in this case IP
> tables?
>
> Food for thought,
>
> Leif

Re: IPTables default/template rule database

Hi Bora,

I have been playing around with some ideas at home. Mostly everything still is on the white board. I'm hoping to have some additional information to share after the New Year. 150 hours of vacation time, need something to do =)

Feel free of course to send any additional ideas to the list and myself.

Thanks,

Leif

On 11/7/06, Bora Özden <vbozden@...> wrote:
> Anything new about this from the last post I saw from Leif Hardison?
> Overall it seems to be a good idea which I also mentioned before on some
> other lists.
>
> Thanks
> Bora