shorewall 101

Starting with shorewall
Shorewall is a high-level firewall solution that uses iptables internally.
  1. shorewall intro
  2. quickstart guide for standalone firewall
  3. shorewall configuration files
  4. shorewall setup guide : in depth guide to setting up a shorewall environment
  5. operating shorewall
Basic Configuration
Config files are in /etc/shorewall. The main ones are:
  • shorewall.conf : general server behaviour parameters
  • zones : list of configured zones (default: 'net' + 'fw') from/to which packages can travel
  • interfaces : associates zones with network interfaces (e.g. 'net' -> eth0)
  • policy : default policy for connections from one zone to another (e.g. "net all DROP $LOG", "fw all ACCEPT $LOG", "all all REJECT $LOG")
  • rules : exceptions to default policies (e.g "ACCEPT net fw tcp 80" where 'ACCEPT' is the action, 'net' is the source zone, 'fw' is the destination zone, 'tcp' the protocol, and '80' the destination port - so this rule opens up port 80 for incoming TCP traffic on eth0)
Shorewall views the network where it is running as being composed of a set of zones. By default, there are 2 zones:
  • fw : the firewall itself
  • net : the internet, by default attached to eth0
The default configuration (policy) is set to DROP all traffic coming in through the "net" zone and to ACCEPT all traffic travelling from "net" to "fw" zone. To change this behaviour, you add rules for specific types of traffic.

Comments

Post a Comment

Popular posts from this blog

Handling control characters (escaping) in python for json and mysql

JSON loads() and dumps(): how control characters are handled The json lib escapes control characters when you dump(s) a python object into a json string. import json aa = "String with\ttab and\nnewline" print "1. Py string with control chars, unescaped: '%s'" % aa aa = json.dumps(aa, indent = 2, encoding="utf8") # dumping py-obj into json-string will cause control chars to be escaped print "\n2. JSON Encoded String with control chars, escaped: '%s'" % aa aa = json.loads(aa) # loading json-string into py-obj will leave control chars unescaped print "\n3. Py object (= string) with control chars, unescaped: '%s'" % aa Output: 1. Py string with control chars, unescaped: 'String with tab and newline' 2. JSON Encoded String with control chars, escaped: '"String with\ttab and\nnewline"' 3. Py object (= string) with control chars, unescaped: 'String with tab and newline' Note that json.l...
Read more

python port sniffer with pcapy and impacket

The code below will sniff all network traffic (use a filter to limit the sniffer to only certain packets) during 1000 milliseconds and print some info about it. It requires 2 python modules: pcapy for capturing the packets impacket for analyzing the packet content Note that this sample uses pcapy's dispatch() method and relies on its ability to return automatically after a timeout expires. This functionality is not available on all platforms (e.g. not on linux). import os, logging, socket import pcapy, impacket, impacket.ImpactDecoder ETHERNET_MAX_FRAME_SIZE = 1518 PROMISC_MODE = 0 class Packet(object): def __init__(self, bytes, sniffed_bytes, timestamp, proto_id, src_ip, tgt_ip, src_port, tgt_port, msgs): """ @brief Initialize data. """ super(Packet, self).__init__() self.bytes = bytes self.sniffed_bytes = sniffed_bytes self.src_ip = src_ip self.tgt_ip = tgt_ip self.src_port = src_port self.tgt_port = tgt_port ...
Read more

Django field, form and model validation process

Django's form and field validation process can be best understood by looking at the code in django's BaseForm class (in django.forms.forms) - see below. See also this blog post for a graphic overview. The form.full_clean() method is called by django at the start of the validation process (by form.is_valid(), usually immediately after the view receives the posted data). full_clean() performs a 3 phase validation , with each phase corresponding to a call of one of the protected methods below: self._clean_fields() : Field validation This method iterates over the form fields: For each field, it calls the Widget's value_from_datadict() method, passing the complete post data in a QueryDict. The Widget's task is to retrieve its own value from this QueryDict and return it. The returned value is then passed to the Field's own clean() method. This method does the initial validation (e.g. checking if the value is not empty), without touching the db. If the Field's...
Read more