denycomm, blocks IPs 4 different ways

[<auto92089 () hushmail com>]

Sorry for the line-wrapping, it's the web interface.

I have a little command-line tool (denycomm) that black holes a given
IP. It works out-of-the-box with iptables, pf, ipf, and route. You might
use this tool manually, just to avoid mistakes, or automatically, for
example triggered by a log-monitoring program or an IDS.  I'd like to
add support for as many firewalls as practicable.

IMHO it's unsanitary to hard-code commands into these programs that are
specific to your firewall, or worse, to your firewall configuration.
Use this program instead.  You can use command-line args or better yet
a simple (one word) config file. In the future it may sprout a "clever"
option that guesses what firewall you're running, obviating the need
for a config file.  For all you people with money to burn, you can define
a custom handler to alter a commercial firewall's rules.  If you change
firewalls, you make a one line change in the config file and that's it;
you need never touch snort or swatch or any other program which blocks
hosts.

This will be the back end to a much more ambitious distributed system.

http://travcom.tripod.com/

Comments to or CC'd directly to me please; I archive this list but don't
always read it.



Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards