fire version 1.8.6 has been released!
SYNOPSIS:
Here’s how to set up a Port Knocking Daemon with a key of ports 15,
99, and 1632!
When the password is accepted, it prints w007!
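  class MyPorter < Porter
    def initialize(*arr)
      super(*arr)
    end

    # Only consider packets that mention 192.168.15.1. The dots are escaped
    # and the address anchored so that e.g. 192.168.15.10 does not match.
    def rules(pkt)
      return false unless pkt.to_s =~ /\b192\.168\.15\.1\b/
      true
    end

    # Called once the full knock sequence has been received.
    def accept(pkt)
      puts "w007"
    end
  end

  # The knock key: ports 15, 99 and 1632, in that order.
  MyPorter.new([15, 99, 1632])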
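
How a knock key like 15, 99, 1632 can be tracked per source address, as an added example that is not code from fire. KnockTracker, replay, the 10-second window and the packet events are all made up for illustration; the source filter compares whole addresses rather than substrings.

```ruby
# Added illustration, not code from the fire gem. KnockTracker and replay are
# hypothetical names; the window length and the events below are constructed.
class KnockTracker
  def initialize(sequence, window: 10, allowed: nil)
    @sequence = sequence # ports that must be hit in this order
    @window   = window   # seconds allowed since the first knock
    @allowed  = allowed  # optional list of exact source IP strings
    @progress = Hash.new { |h, k| h[k] = { idx: 0, started: nil } }
  end

  # Feed one observed connection attempt; true when src completes the key.
  def knock(src, port, at)
    return false if @allowed && !@allowed.include?(src)
    st = @progress[src]
    # Expire a half-finished sequence that has outlived the window.
    st[:idx] = 0 if st[:started] && at - st[:started] > @window
    if port == @sequence[st[:idx]]
      st[:started] = at if st[:idx].zero?
      st[:idx] += 1
    else
      # Wrong port: restart, but let this knock count if it is the first port.
      st[:idx] = port == @sequence.first ? 1 : 0
      st[:started] = at if st[:idx] == 1
    end
    return false unless st[:idx] == @sequence.length
    @progress.delete(src) # key accepted; forget this source's state
    true
  end
end

# Replays events through a fresh tracker; returns the sources that were accepted.
def replay(events, **opts)
  tracker = KnockTracker.new([15, 99, 1632], **opts)
  events.select { |src, port, at| tracker.knock(src, port, at) }.map(&:first)
end

# Constructed events: [source IP, destination port, time in seconds]
EVENTS = [
  ["192.168.15.1", 15, 0], ["192.168.15.1", 99, 1], ["192.168.15.1", 1632, 2],    # correct key
  ["192.168.15.10", 15, 3], ["192.168.15.10", 99, 4], ["192.168.15.10", 1632, 5], # other source
  ["192.168.15.1", 15, 6], ["192.168.15.1", 80, 7], ["192.168.15.1", 99, 8], ["192.168.15.1", 1632, 9], # interrupted
  ["192.168.15.1", 15, 20], ["192.168.15.1", 99, 21], ["192.168.15.1", 1632, 40]  # too slow
].freeze

p replay(EVENTS, allowed: ["192.168.15.1"])
```
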
Here’s how to set up a quick firewall, which saves it as an IPTables
script:
  Firewall :write, "/Users/ari/Desktop/firewall.sh" do
    @debug = true
    Filter do
      chain "extra_packets"
      extra_packets do
        log :all
      end
      INPUT do
        drop :all, :protocol => "tcp --syn",
                   :dest => "192.168.15.1"
        drop :all, :not => {:port => "80"},
                   :ip => "192.168.0.0/16",
                   :dest_ip => "192.168.0.0/16",
                   :interface => "eth0"
        send :all, :to => "extra_packets"
      end
    end
    NAT do
      chain("TEST")
      TEST do
        accept :all
      end
    end
    Mangle do
    end
    Raw do
    end
  end
##########
And of course, you can manipulate IPTables within your script
(experimental, but useable)
  iptables = IPTables.new
  iptables.drop :all
Changes:
1.0.0 / 2007-09-15
- 1 major enhancement
  - Birthday!
-------------------------------------------|
Nietzsche is my copilot