Sopeq 0.2.2b review
Sopeq is a stealth ingress and egress filtering firewall front end for iptables with an easy-to-configure rules file.
Even the finest details of the iptables configuration can be changed with a minor edit to the rules file.
Argument Descriptions:
accept/droplog/rejectlog/log - This specifies what to do with a packet that
    matches the criteria given. "accept" accepts the packet, "droplog" drops
    and logs the packet with the given "lbl" variable (see "vars" below),
    "rejectlog" rejects and logs the packet with the given "lbl" variable,
    and "log" ONLY logs the packet with the given "lbl" variable.
if - This specifies the network interface the packet travels over. It can
    also match packets NOT travelling over an interface by prefixing the
    interface name with an exclamation mark [!]. Unlike iptables, there must
    NOT be a space after the exclamation mark; the name follows it directly.
in/out - This specifies whether the rule looks at packets coming in or
    packets going out. "in" should be used for most server rules and "out"
    for most application rules. Each rule produces a matching pair of
    iptables rules, one in INPUT and one in OUTPUT, so that the response to
    the packet is accepted as well.
    This field can be left blank, but only if the "ports" field is blank as
    well. Such a rule would, for example, allow all packets from a specific
    IP address.
tcp/udp/icmp - This specifies the protocol of the packet: TCP, UDP or ICMP.
    Leave it blank to match all protocols.
IPs - This specifies which IP addresses the rule matches. Leave the field
    blank to match all IPs. Multiple IP addresses can be given separated by
    commas, and IP ranges may be used. Two range notations are supported:
    CIDR notation ("1.2.3.0/24") and explicit ranges ("1.2.3.4-1.2.3.10").
    IPs and IP ranges can be combined in the same rule with the comma
    delimiter.
    Examples:
        1.2.3.4
        11.22.33.0/24
        123.45.67.3-123.45.67.90
        1.2.3.4,5.6.7.8,11.22.33.0/24,123.45.67.3-123.45.67.90
ports - This specifies which ports the rule matches. Multiple ports can be
    given separated by commas. If the field is left blank, the rule matches
    all ports.
extras - This specifies extra options appended to the end of the generated
    rules. The field is divided into two sections by a "|": the extras for
    the INPUT chain, then the extras for the OUTPUT chain (in that order).
    To include a space in the extras, the whole field must be enclosed in
    quotes (currently only double quotes are supported, not single quotes).
    The extras are standard iptables options; see the iptables manual for
    the full list. They are handed to iptables as written, so the rules
    file should be writable only by the administrator.
    Examples:
        No extras for the INPUT rule, "-m owner --uid-owner 0" for the
        OUTPUT rule:
            "|-m owner --uid-owner 0"
        No extras for the INPUT rule, "-m owner --cmd-owner httpd" for the
        OUTPUT rule:
            "|-m owner --cmd-owner httpd"
    Note that the owner match is only valid in the OUTPUT (and POSTROUTING)
    chain, which is why both examples leave the INPUT section empty, and
    that its --cmd-owner option (together with --pid-owner and --sid-owner)
    was removed from the kernel in Linux 2.6.14; on current kernels only
    --uid-owner and --gid-owner remain usable.
vars - Variable definitions, such as the "lbl" used by the logging actions.
    The syntax of a var field is:
        varname="value"
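The descriptions above leave the INPUT/OUTPUT pairing, the IP-range handling and the extras split to the reader. The following Python model is added here as an illustration and is not Sopeq's own code: it takes the fields described (action, if, in/out, protocol, IPs, ports, extras and the lbl var) and emits the iptables commands they imply. The Rule type, the choice of "-m iprange" for dash ranges, "-m multiport" for port lists and "--log-prefix" for the lbl variable are assumptions of this example; the page does not show Sopeq's actual rules-file grammar or the exact commands it generates.

```python
"""Translate Sopeq-style rule fields into iptables commands.

Illustrative code added for this page, not Sopeq's own: it models the field
semantics described above and shows the INPUT/OUTPUT rule pair each rule
implies. The Rule layout, "-m iprange" for a-b ranges, "-m multiport" for
port lists and "--log-prefix" for the lbl variable are assumptions made here.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List

# action -> (terminating target or None, whether a LOG rule precedes it)
ACTIONS = {"accept": ("ACCEPT", False), "droplog": ("DROP", True),
           "rejectlog": ("REJECT", True), "log": (None, True)}


@dataclass
class Rule:
    action: str                 # accept / droplog / rejectlog / log
    iface: str = ""             # "eth0", "!eth0" (no space after "!"), "" = any
    direction: str = ""         # "in", "out", or "" (only if ports is also "")
    proto: str = ""             # tcp / udp / icmp / "" = all
    ips: str = ""               # "1.2.3.4,11.22.33.0/24,1.1.1.3-1.1.1.9"
    ports: str = ""             # "22" or "80,443"
    extras: str = ""            # "<INPUT extras>|<OUTPUT extras>"
    vars: Dict[str, str] = field(default_factory=dict)  # e.g. {"lbl": "SSH"}


def ip_fragment(entry: str, side: str) -> str:
    """Render one IP entry as a source ("src") or destination ("dst") match."""
    entry = entry.strip()
    if "-" in entry:                       # a-b range -> iprange match
        lo, hi = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if lo > hi:
            raise ValueError(f"inverted range {entry!r}")
        return f"-m iprange --{side}-range {lo}-{hi}"
    net = ipaddress.ip_network(entry, strict=False)   # single host or CIDR
    text = str(net.network_address) if net.prefixlen == net.max_prefixlen else str(net)
    return f"{'-s' if side == 'src' else '-d'} {text}"


def iface_fragment(iface: str, flag: str) -> str:
    """'!eth0' (rules-file form) becomes iptables' '! -i eth0'."""
    if iface.startswith("!"):
        return f"! {flag} {iface[1:]}"
    return f"{flag} {iface}"


def port_fragment(ports: List[str], side: str) -> str:
    """side is 'd' for the request direction and 's' for the mirrored response."""
    if len(ports) == 1:
        return f"--{side}port {ports[0]}"
    return f"-m multiport --{side}ports {','.join(ports)}"


def to_iptables(rule: Rule) -> List[str]:
    """Expand one rule into the iptables commands it implies."""
    if rule.action not in ACTIONS:
        raise ValueError(f"unknown action {rule.action!r}")
    target, logs = ACTIONS[rule.action]
    ports = [p.strip() for p in rule.ports.split(",") if p.strip()]
    if ports and not rule.direction:
        raise ValueError("in/out may only be blank when ports is blank")
    if ports and rule.proto not in ("tcp", "udp"):
        raise ValueError("ports need tcp or udp")
    in_extra, _, out_extra = rule.extras.strip('"').partition("|")
    ips = [e for e in rule.ips.split(",") if e.strip()] or [""]
    # "in": INPUT carries the request, OUTPUT the response; "out" is the mirror.
    # The remote host is always the source on INPUT and the destination on OUTPUT.
    request_is_input = rule.direction != "out"
    chains = (("INPUT", "src", "-i", request_is_input, in_extra.strip()),
              ("OUTPUT", "dst", "-o", not request_is_input, out_extra.strip()))
    cmds: List[str] = []
    for chain, ip_side, if_flag, is_request, extra in chains:
        for ip in ips:
            parts = [f"iptables -A {chain}"]
            if rule.iface:
                parts.append(iface_fragment(rule.iface, if_flag))
            if rule.proto:
                parts.append(f"-p {rule.proto}")
            if ip:
                parts.append(ip_fragment(ip, ip_side))
            if ports:
                parts.append(port_fragment(ports, "d" if is_request else "s"))
            if extra:
                parts.append(extra)      # passed through verbatim, as the rules file intends
            base = " ".join(parts)
            if logs:
                prefix = rule.vars.get("lbl", rule.action)
                cmds.append(f'{base} -j LOG --log-prefix "{prefix}: "')
            if target:
                cmds.append(f"{base} -j {target}")
    return cmds


if __name__ == "__main__":
    # Constructed sample rules: accept SSH from two address groups, and
    # drop-and-log any web traffic root tries to send off the loopback interface.
    ssh_in = Rule("accept", "eth0", "in", "tcp", "1.2.3.0/24,10.0.0.5-10.0.0.9", "22")
    root_web_out = Rule("droplog", "!lo", "out", "tcp", "", "80,443",
                        "|-m owner --uid-owner 0", {"lbl": "ROOTWEB"})
    for rule in (ssh_in, root_web_out):
        print("\n".join(to_iptables(rule)), end="\n\n")
```

Two points worth noticing in the output. The mirrored response rule is stateless in this model, matched on address and port rather than on connection tracking, which is how the description reads; a conntrack rule such as `-m state --state ESTABLISHED` would be the alternative if Sopeq does not already add one. And the extras section is spliced into the command unchanged, so whoever can edit the rules file can run arbitrary iptables options; keep it owned and writable by root only.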
What's New in This Release:
The "version" option was added.
A minor alteration was done in the way iptables was called.
Minor code cleanup was done.