Hi, Like to share the new version of my firewall script - fwguardian 5.0 Many features have been incorporated and the web interface has been improved. http://sourceforge.net/projects/humbertolj/ 1. New extension support (profile option) - You can find anti-ddos examples into /opt/fw5.0/profile/profile.def (Examples are tested and working in production environments) - You can add SYNPROXY, GeoIP, IPP2P support in a easy way (debian/ubuntu): /opt/fw5.0/modules/tools/apps/xtables-addons.sh - I used this script to protect our routers from constant DDoS attacks. I made a bridge-firewall configuration, with geoip, SYNPROXY and integrated with Suricata IPS. It worked perfectly. 2. Dynamic blacklist with simpleips module - lasting 6 hours. /opt/fw5.0/fwguardian --enable simpleips - Edit the "/opt/fw5.0/securityaddon/config" to user-agent triggers. The logic of this module was based on the Ninja firewall. - Edit the "/opt/fw5.0/fwguardian.conf" and configure IFWAN (monitored interfaces). 3. Scripts to Suricata IPS and Kibana dashboard: /opt/fw5.0/modules/tools/ips/ 4. New dgd (dead-gateway-detection) bugfix and changes 5. More flexible Web interface with ajax and rrd support -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
