Vuurmuur is a powerful firewall manager built on top of iptables that works with Linux kernels 2.4 and 2.6. Its configuration is simple and easy to learn, yet supports both simple and complex setups.
Everything can be configured through an Ncurses GUI, which allows secure remote administration through SSH or on the console.
Vuurmuur has powerful monitoring features, which allow the administrator to look at the logs, connections and bandwidth usage in realtime. It makes use of IPTrafficVolume for keeping track of the traffic volume per interface.
The program is divided into three parts. One element (the middle-end) converts human-readable rules, hosts, groups, networks, zones, interfaces and services into an iptables ruleset (or optionally into a bash script). The second element is a small daemon that converts the Netfilter logs into easily readable logs. The final element is an Ncurses-based user interface (the front-end) to manage the firewall.
Vuurmuur Features:
Administration
* no iptables knowledge required
* human readable rules syntax
* traffic shaping
* Ncurses GUI, no X required.
* port forwarding is made very simple
* easy to set up with NAT
* secure default policy
* entirely manageable through SSH and from the console (including from Windows using PuTTY)
* scriptable for integration with other tools
* can produce a bash firewall script
* anti-spoofing features
* killing of unwanted connections
* supports working with Suricata & Snort_inline using QUEUE or NFQUEUE
Monitoring
* realtime logviewing
* realtime connection viewing
* filtering in logviewing and connection viewing
* basic traffic volume accounting
* searching through old logfiles
Accounting
* audit logging: all changes are logged
* logging of new connections and bad packets
* traffic volume accounting
Installation and configuration of Vuurmuur:
Open a terminal and type the following commands to install Vuurmuur:
apt-get update
apt-get install libvuurmuur vuurmuur vuurmuur-conf
After you have successfully finished your installation you might want to start configuring your firewall. There are some simple steps you have to go through:
* define your interfaces
* define zones, networks, hosts and groups (as you need)
* set up your rules
To accomplish all this you will use Vuurmuur's GUI tool, sudo vuurmuur_conf (from the command prompt). This tool can be used for much more than just configuration: you will be able to check the status of your firewall, monitor active connections, see the bandwidth currently used, keep an overview of your transfer volume and much more.
Check out some Flash demos of Vuurmuur: here