{"id":18426538,"url":"https://github.com/akotov-dev/bastion","last_synced_at":"2026-01-22T20:33:06.473Z","repository":{"id":127984745,"uuid":"416386261","full_name":"AKotov-dev/bastion","owner":"AKotov-dev","description":"Bastion - gateway and site filter for the office network (Mageia-8-x86_64)","archived":false,"fork":false,"pushed_at":"2021-10-27T13:00:11.000Z","size":76128,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-13T20:03:10.436Z","etag":null,"topics":["filtering","gateway","iptables","squid"],"latest_commit_sha":null,"homepage":"","language":"Pascal","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AKotov-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-10-12T15:10:24.000Z","updated_at":"2023-07-18T17:28:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"12e7f39f-1bb6-4b9e-a2d2-03df5686e9ec","html_url":"https://github.com/AKotov-dev/bastion","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/AKotov-dev/bastion","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKotov-dev%2Fbastion","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKotov-dev%2Fbastion/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKotov-dev%2Fbastion/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKotov-dev%2Fbastion/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AKotov-dev","download_url":"https://codeload.github.com/AKotov-dev/bastion/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKotov-dev%2Fbastion/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28670381,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-22T19:36:09.361Z","status":"ssl_error","status_checked_at":"2026-01-22T19:36:05.567Z","response_time":144,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["filtering","gateway","iptables","squid"],"created_at":"2024-11-06T05:08:13.225Z","updated_at":"2026-01-22T20:33:06.451Z","avatar_url":"https://github.com/AKotov-dev.png","language":"Pascal","funding_links":[],"categories":[],"sub_categories":[],"readme":"Bastion - gateway and site filter for the office network\n--\nDependencies: `iptables squid ipset bind-utils apache squidanalyzer polkit sakura openssh-server dnsmasq samba net-tools`\n\nThree-level filtering HTTP/HTTPS:\n+ Squid + Black/White lists of domains + VIP-users\n+ IPTables + IPSet (blocking host=multiple IP) + dictionary filtering\n+ SquidAnalyzer - internet connection log analyzer\n\nPhysically it consists of two parts:\n+ GUI (rpm-package, pulls up all the necessary dependencies)\n+ Archive of configuration files (.tar.gz unpacked manually `etc-\u003eetc`)\n\nConfigure the `WAN/LAN` on the computer acting as the gateway and run `Bastion`. Specify the interface names, the local network and click the `New Certificate` button. After the certificate is created, install it in the client browsers. To instantly apply the blocking rules from the lists or the first start, click the `Restart` button. Remote access to the server is `SSH:22` (Internet/LAN). Port 22 is protected from brute force: three failed passwords are blocked for 60 seconds.\n\nNote:\n+ Bastion can be configured/run without GUI (scripts only)\n+ Bastion has built-in DNS/DHCP (dnsmasq); address pool `x.x.x.50-x.x.x.250`\n+ When `samba` is enabled, a shared folder `/usr/local/Common` is created with a `.recycle` bin, which is cleaned every month. The `\\\\LAN-IP\\Common` folder can be connected as a shared disk\n\n![](https://github.com/AKotov-dev/bastion/blob/main/ScreenShot.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fakotov-dev%2Fbastion","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fakotov-dev%2Fbastion","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fakotov-dev%2Fbastion/lists"}