[fw-wiz] Dynamic execution of a script on arrival of a packet

From: Alex Ongena (Alex.Ongena@able.be)
Date: 10/30/02


From: Alex Ongena <Alex.Ongena@able.be>
To: firewall <firewall-wizards@honor.icsalabs.com>
Date: Wed Oct 30 10:22:21 2002

Hi,

I'm using Linux 2.4.19 and iptables.
I'm looking to make a thing like:
- by default, everything is denied in the Firewall.
- on arrival of a packet, a 'script' (ex. perl) is
  called that evaluates some packet details (like
  Source IP, Protocol, Port, date and time of
  arrival, etc.) and can decide to 'add an
  iptables rule on the fly' to accept this and
  future packets.
- another script can be run by cron to remove
  iptables entries when applicable.

The advantage of this script could be that 'acceptance'
criteria can be determined more flexibly
(for example, checking a database with the relation
IP <-> User at a certain moment in time).

I know that one has to prevent DoS by packet
flooding, but that can be handled with the iptables
--limit extension.

Thanks for any help
alex
PS: I'm new to this list, does there exist a searchable
archive?
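The admission logic the post describes (default deny, per-packet evaluation of source, protocol, port and arrival time against an IP <-> user table, a grant that becomes an on-the-fly ACCEPT rule, and a cron-side sweep that removes lapsed rules), as an added example that is not from the poster or the list. It assumes the packet details have already been handed to the script by whatever capture mechanism is used; the lease table, service list and TTL are constructed values, and the iptables commands are returned as strings rather than executed so the policy can be exercised offline.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address

# Constructed stand-in for the IP <-> user database: src IP -> (user, valid from, valid until).
LEASES = {
    "192.0.2.10": ("alice", datetime(2002, 10, 30, 8, 0), datetime(2002, 10, 30, 18, 0)),
    "192.0.2.20": ("bob", datetime(2002, 10, 30, 9, 0), datetime(2002, 10, 30, 12, 0)),
}
ALLOWED_SERVICES = {("tcp", 22), ("tcp", 80)}   # (protocol, port) an admitted user may reach
GRANT_TTL = timedelta(hours=1)                  # how long an on-the-fly ACCEPT rule lives

@dataclass
class Packet:
    src: str
    proto: str
    dport: int
    arrived: datetime

def rule_spec(key):
    """Rule text shared by insert and delete, so -D removes exactly what -I added."""
    src, proto, dport = key
    return f"INPUT -s {src} -p {proto} --dport {dport} -j ACCEPT"

def decide(pkt, grants):
    """Evaluate one arriving packet. Returns the iptables command to run (a string)
    or None to leave the packet under the default-deny policy.
    grants maps (src, proto, dport) -> expiry and is updated in place."""
    key = (pkt.src, pkt.proto, pkt.dport)
    if key in grants and grants[key] > pkt.arrived:
        return None                              # rule already present, do not re-evaluate
    try:
        lease = LEASES.get(str(ip_address(pkt.src)))
    except ValueError:
        return None                              # malformed address: never build a rule from it
    if lease is None or (pkt.proto, pkt.dport) not in ALLOWED_SERVICES:
        return None
    _user, start, end = lease
    if not (start <= pkt.arrived < end):
        return None                              # outside the user's time window
    grants[key] = pkt.arrived + GRANT_TTL
    return "iptables -I " + rule_spec(key)

def expire(grants, now):
    """Cron-side counterpart: delete rules whose grant has lapsed. Returns the commands."""
    cmds = []
    for key, exp in list(grants.items()):
        if exp <= now:
            del grants[key]
            cmds.append("iptables -D " + rule_spec(key))
    return cmds
```

Keeping the grants table in the script (rather than re-reading iptables) also caps the work done per packet: a source that is already admitted, or already refused, costs no database lookup, which complements the --limit match on the capture rule.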

