An open source application that translates Snort rules into equivalent iptables rulesets.
fwsnort is an open source command-line application written in C and designed to parse the rules files that are included in the Snort intrusion detection software. It also generates equivalent iptables rulesets.
Key features include support for detecting TCP SYN, NULL, FIN, XMAS scans and UDP scans, several signature rules for Snort, a forensics mode for the analysis of iptables log files, passive operating system fingerprinting through TCP SYN packets, two different fingerprinting strategies, email alerts, and content-based alerts.
The application supports validation of the ICMP type and code header fields, configurable danger level and scan threshold assignments, iptables ruleset parsing, IP/network danger level auto-assignment, DShield alerts, auto-blocking of scanning IP addresses, and a comprehensive status mode.
Among its command-line options, we can mention the ability to restrict the Snort parser to translate only specified rules into iptables rules, support for printing the iptables script to a specified script instead of the default location, support for executing the fwsnort.sh script, and support for reverting to a different iptables version without using any fwsnort rules.
You will be able to read the iptables policy from a file, add the --log-tcp-sequence option to iptables, generate an equivalent iptables rule for a specific Snort ID, read Snort-specific variables out of the program's configuration file, translate a single rules file or multiple rules files, check iptables capabilities, and exclude a list of SIDs from translation.
After installing fwsnort, using either the pre-built binary packages found in the main software repositories of your Linux distribution or the native installers provided by the project for RPM-based distros, you can simply run the 'fwsnort' command in a terminal emulator as root (system administrator) to use the software.
What's new in fwsnort 1.6.5:
- (Paulo Bruck) Submitted a patch to fix a bug in fwsnort usage of the iptables --ulog-prefix option (an invalid quote was being used previous to the fix).
- Updated to bundle the latest Emerging Threats rule set.
- runs on: Linux
- main category: System