PROJET AUTOBLOG

Shaarli - Les discussions de Shaarli

Archivé

Site original : Shaarli - Les discussions de Shaarli du 23/07/2013

⇐ retour index

cajus/uif

jeudi 30 juillet 2015 à 11:45
@jeekajoo shaarlinks
"""
uif - Tool for generating optimized firewall rules

The uif project has been developed for a diskless router system and provides
a mechanism to create and simplify packet filter rules. It forces you to
provide names for every value you use in order to make firewalls less
confusing.
"""

syntaxe claire.
basé sur iptables.
dispo dans debian

exemple de conf:
"""
masq+  o=extern s=intranet
nat+   s=intranet p=http   D=relayintern   P=squid
in+    s=trusted  p=ssh,ping,traceroute,http
out-   s=intranet p=smb    f=reject
fw-    d=microsoft         f=reject,log(ms-alert)
slin+  s=testnet
slout- d=testnet
fw>    o=extern
fw+    p=myhttp            f=account(HTTP)
"""
(Permalink)