31-jul-2003: I have no time for maintaining isba and vlog anymore
Voluntary maintainers are welcomed

Isba is a free graphical tool designed to edit IP-Filter rulesets and remotely manage IP-Filter firewalled hosts in a production environnement.

Ruleset edition: isba displays rules in typed columns (action, options, interface, source host or net, etc). Hosts, nets, services and interfaces are objects that can be given names. Objects can be organized in groups which can be used in a rule, to write, in a single line, what will be compiled into many ipf rules.

Remote management
: once your ruleset is ready, isba can upload ipf.conf and ipnat.conf to the bastion host and reload rules in kernel, using a SSH encrypted connection with RSA authentication. Isba can also use SSH to download informations: current kernel rules, state table and ipfilter logs. In an emergency case, when a ruleset behaves badly on the bastion host, you can instantly replace it with a "pass all" or "block all" ruleset.


Isba was written with these goals in mind:


Isba has been tested on Solaris/sparc, Linux/x86 and OpenBSD/x86 and should run wherever Perl/Tk runs (Unix only). It needs the following software packages:


You can download a tarred gzipped version of isba v1.1 here.

Thanks to Brian Garfen for his orthographic and grammatical corrections on this site.
Thanks to Jean-Claude Boronine for his web design support.

Good ipfiltering !
Pierre Berthomier
isba [at] nerim [dot] net

Isba Home Page - last modified on 31-Jul-2003 18:17 MET - Copyright (c) 2001