From: "John A. Sullivan III" <jsullivan@opensourcedevelopmentcorp.com>
To: Ishwar Rattan <ishwar@pali.cps.cmich.edu>
Cc: Netfilter users list <netfilter@lists.netfilter.org>
Subject: Re: OT - rule based system for a fire wall
Date: Fri, 15 Oct 2004 12:20:15 -0400
Message-ID: <1097857214.2746.28.camel@localhost>
In-Reply-To: <Pine.LNX.4.56.0410151216210.2188@pali.cps.cmich.edu>

On Fri, 2004-10-15 at 12:16, Ishwar Rattan wrote:
> It is a little off-topic but someone here may
> know something about it.
> 
> I have seen an idea being floated:
> 
> - A firewall uses a set of rules to filter packets (a fact)
> 
> - Proposal: possibility of designing a rule-based system
>   (call it rule-system) that will insert correct rules in the
>   firewall (sounds ambiguous)
> 
> - Is there such a thing out there? If the proposer won't
>   part with any more details, what kind of guesses can be
>   made?
> 
>   1. Rule-system can interact with a user and then insert
>      rules in the firewall -- I think this has already been
>      accomplished??
> 
>   2. Rule-system could look at logged information (firewall
>      logs) and come up with better/new rules?
> 
>   3. Is there any other facet/issue that I am missing here..
> 
> It still bugs me to think of a rule-system that will insert
> rules into another rule based system :-|
> 
> Any feedback will be appreciated.
> 
> -ishwar
I'm not entirely sure I understand you.  Are you looking for something
that will dynamically change a running rule set based upon events or a
user interface to alter an existing rule set?

There are some very good rule configurators available such as fwbuilder
(http://www.fwbuilder.org), shorewall (http://www.shorewall.net) and
several others that have been recommended on this list.  For a policy
rather than rules based approach, take a look at ISCS
(http://iscs.sourceforge.net).  Hope this helps - John
-- 
John A. Sullivan III
Open Source Development Corporation
Financially sustainable open source development
http://www.opensourcedevel.com


