narc 0.7 review
NARC is a free firewalling package for Netfilter/Iptables
NARC is a free firewalling package for Netfilter/Iptables. It attempts to simplify the setup of a firewall (stateful packet filter) via the iptables tools. NARC is a bash shell script that generates sensible and secure rules for Netfilter based on a simple configuration file.
Netfilter is the framework in Linux 2.4 kernels that allows for firewalling, NAT, and packet mangling. Iptables is the userspace tool that works with the Netfilter framework (technically a lie; Iptables is also a part of the Netfilter framework in the kernel). Think of Netfilter as the kernel space, and Iptables as the userspace.
Here are some key features of "narc":
Quick setup via a simple configuration file
Connection tracking (and fragmentation reassembly)
Customized logging
Probe detection (TCP & UDP)
Illegal TCP packet filtering
FIN, NULL, ACK scan detection
ICMP message filtering and rate limiting
SYN packet length checking
General rate limiting (to prevent DoS type attacks)
IP/network based TCP connection rate limiting
SYN flood protection
Smurf attack protection
Spoofed IP address filtering
DMZ support
Port forwarding support
Requirements:
kernel version 2.4.x w/ netfilter support compiled in (http://www.kernel.org)
iptables tools (http://www.netfilter.org)
a compiler (if you are planning on compiling your own binaries)
What's New in This Release:
Implemented IPLIMIT so that it works with 2.4 & 2.6 kernels
Implemented port forwarding to other interfaces (no longer limited to DMZ). Note that it still defaults to DMZ if the INTERFACE option is left blank.
Fixed error in install script that omitted a mkdir
Removed TCP port 445 (microsoft-ds) from TCP_PROBE
Implemented SMB/CIFS specific logging options