Firewall & Port knocking

http://www.zeroflux.org/projects/knock

zeroflux.org

Synopsis
http://www.cipherdyne.org/fwsnort/

fwsnort - iptables Intrusion Detection with String Matching and Snort Rules

fwsnort parses the rules files included in the Snort® intrusion detection system and builds an equivalent iptables ruleset for as many rules as possible. To detect application-level attacks, fwsnort uses the iptables string match module together with the --hex-string option, which began as a custom patch to the iptables user-space code and is now integrated into iptables. fwsnort accepts command-line arguments that restrict processing to any particular class of Snort rules, such as "ddos", "backdoor", or "web-attacks". Processing can even be restricted to a single Snort rule, identified by its "snort id" or "sid". fwsnort uses the IPTables::Parse module to translate the Snort rules for which matching traffic could potentially pass through the existing iptables ruleset.