Isba is a free graphical tool designed to edit IP-Filter rulesets and remotely manage IP-Filter firewalled hosts in a production environnement.
Ruleset edition: isba displays rules
in typed columns (action, options, interface, source host or net, etc).
Hosts, nets, services and interfaces are objects
that can be given names. Objects can be organized in groups
which can be used in a rule, to write, in a single line, what will be compiled
into many ipf rules. |
Remote management: once your ruleset is ready, isba can upload ipf.conf and ipnat.conf to the bastion host and reload rules in kernel, using a SSH encrypted connection with RSA authentication. Isba can also use SSH to download informations: current kernel rules, state table and ipfilter logs. In an emergency case, when a ruleset behaves badly on the bastion host, you can instantly replace it with a "pass all" or "block all" ruleset. |
Goals |
Isba was written with these goals in mind:
Prerequisites |
Isba has been tested on Solaris/sparc, Linux/x86 and OpenBSD/x86 and should run wherever Perl/Tk runs (Unix only). It needs the following software packages:
Credits |
Download |
You can download a tarred gzipped version of isba v1.1
here.
Thanks to Brian Garfen for his orthographic and grammatical corrections on this
site.
Thanks to Jean-Claude Boronine for his web design support.
Good ipfiltering !
Pierre Berthomier
isba [at] nerim [dot] net
Isba Home Page - last modified on
31-Jul-2003 18:17
MET - Copyright (c) 2001