2019
Small PoC as illustration for the eternal discussion DROP vs. REJECT
by dzc
This trying to answer a question "Which rules (DROP or REJECT) should be used in firewalls, IDS etc"
2015
Gufw - interface graphique pare-feu UFW
by dzc
Gufw est une interface graphique pour le logiciel de configuration du pare-feu installé par défaut dans Ubuntu : UFW.
UFW - Uncomplicated Firewall
by dzc
UFW est un nouvel outil de configuration simplifié en ligne de commande de Netfilter, qui donne une alternative à l'outil iptables.
2014
2011
fail2ban and iptables < System | The Art of Web
by sylvainulg (via)
bored of dictionnary attacks on your SSH daemon ?
2010
Geekfault » Eeegw – part III – Quality Of Service aka QOS
by nicolargo
QoS sur Linux avec IPtables, un exemple de plus !
Shoreline Firewall
by nicolargo & 1 other
Shoreline, un outil de configuration de la QoS sur un routeur/firewall Linux
NuFirewall - Wiki - NuFW Project Homepage
by dzc (via)
NuFirewall is a Linux distribution which provides a ready and easy to use firewall based on Netfilter and NuFW.
Quick HOWTO : Ch14 : Linux Firewalls Using iptables - Linux Home Networking
by nicolargo & 1 other (via)
Un très bon how-to sur le Firewall iptables
2009
netfilter/iptables project homepage - The netfilter.org "libnetfilter_queue" project
by sylvainulg
doh. the one below is deprecated. If you did iptables [...] -j QUEUE, this is what happens next.
Manpage of LIBIPQ
by sylvainulg (via)
a barebone example of the "queue-to-userland-processing" feature of netfilter
2008
2007
Firewall Builder
by lecyborg
Firewall Builder is multi-platform firewall configuration and management tool. It consists of a GUI and set of policy compilers for various firewall platforms. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX. Technical summary of features supported by the policy compilers for all platforms can be found in the section "Modules" (see menu on the left).
Being truly vendor-neutral, Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.
IPtables log analizer
by lecyborg
IPTables log analizer (TODO : find a nice name for it) displays Linux 2.4 iptables logs (rejected, acepted, masqueraded packets...) in a nice HTML page (it support rough netfilter logs but also Shorewall and Suse Firewall logs).
This page shall be easy to read and understand to reduce the manual analysis time.
This page containts statistics on packets and links to more detailled information on a given host, port, domain and so on.
firewall Eyes : iptables log analysis tool
by lecyborg
Firewall Eyes est un outil d'analyse de logs en temps réel pour le pare-feu iptables. Grâce à une interface Web, vous visualisez et supervisez simplement et efficacement l'activité réseau traversant votre firewall.
Vous détectez aisément les activités suspectes et ajustez votre politique de sécurité.
