Re: OT - rule based system for a fire wall

On Fri, 2004-10-15 at 12:16, Ishwar Rattan wrote:
> It is a little off-topic but someone here may
> know something about it.
> 
> I have seen an idea being floated:
> 
> - A firewall uses a set of rules to filter packets (a fact)
> 
> - Proposal: possibility of designing a rule based system
>   (call it rule-system) that will insert correct rules in the
>   firewall (sounds ambiguous)
> 
> - Is there such a thing out there? If the proposer won't
>   part with any more details, what kind of guesses can be
>   made?
> 
>   1. Rule-system can interact with a user and then insert
>      rules in the firewall -- I think this has already been
>      accomplished??
> 
>   2. Rule-system could look at logged information (firewall
>      logs) and come up with better/new rules?
> 
>   3. Is there any other facet/issue that I am missing here..
> 
> It still bugs me to think of a rule-system that will insert
> rules into another rule based system :-|
> 
> Any feedback will be appreciated.
> 
> -ishwar
I'm not entirely sure I understand you.  Are you looking for something
that will dynamically change a running rule set based upon events or a
user interface to alter an existing rule set?

There are some very good rule configurators available such as fwbuilder
(http://www.fwbuilder.org), shorewall (http://www.shorewall.net) and
several others that have been recommended on this list.  For a policy
rather than rules based approach, take a look at ISCS
(http://iscs.sourceforge.net).  Hope this helps - John
-- 
John A. Sullivan III
Open Source Development Corporation
Financially sustainable open source development
http://www.opensourcedevel.com


