yorp-me / fwsnort Goto Github PK
View Code? Open in Web Editor NEWThis project forked from mrash/fwsnort
Application Layer IDS/IPS with iptables
Home Page: http://www.cipherdyne.org/fwsnort/
License: GNU General Public License v2.0
This project forked from mrash/fwsnort
Application Layer IDS/IPS with iptables
Home Page: http://www.cipherdyne.org/fwsnort/
License: GNU General Public License v2.0
fwsnort (Firewall Snort) Version: 1.6.4 Author: Michael Rash <[email protected]> Website: http://www.cipherdyne.org/fwsnort/ DESCRIPTION: fwsnort is a perl script that translates Snort rules into equivalent iptables rules. Some Snort rule options (such as "pcre") have no direct translation into iptables options so not all Snort rules can be translated. However approximately 65% of all Snort-2.3.3 signatures (the last release of Snort signatures under the GPL) can be successfully translated through the use of the iptables string match module. When tranlating Snort rules, fwsnort makes heavy use of the iptables string match extension with its "--hex-string" option (added to iptables by the fwsnort project) which accepts Snort "content" argument with hex bytes between "|" chars (such as "|5a 4e|"). This allows the content fields in Snort rules to be directly input into iptables rulesets from the command line. fwsnort alse parses the running iptables policy on the machine in order to determine which Snort rules are applicable to the specific policy loaded on the machine. fwsnort requires the iptables string match module in order to be able to detect application layer attacks. If you are running modern Linux distribution then it is likely that the kernel has been compiled with iptables string matching support, and fwsnort will automatically test this. PLATFORMS: fwsnort is compatible with iptables only, hence fwsnort will exclusively run on Linux running a 2.6 series kernel (with some support for 2.4 kernels as well). Snort is a registered trademark of Sourcefire, Inc INSTALLATION: (See the INSTALL file in the source directory.) UPGRADING: If are installing fwsnort from sources (i.e. not through a distribution package manager such as RPM or apt), you can just run the "install.pl" script. It takes care of upgrades, and it will merge any customized configuration variables in the /etc/fwsnort/fwsnort.conf file with the new file in the source directory. Even if you are using a distribution package manager, you can still run the install.pl script in order to preserve any existing configuration. However, in this case the install.pl script will also put in place fwsnort according to how it normally handles installation paths, and these may not match how your distribution package manager normally handles things. COPYRIGHT: Copyright (C) 2003-2014 Michael Rash ([email protected]) fwsnort is distributed under the GNU General Public License (GPLv2), and the latest version may be downloaded from http://www.cipherdyne.org/ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.