{"id":19278918,"url":"https://github.com/matejlach/dynafire","last_synced_at":"2025-04-22T00:31:58.279Z","repository":{"id":191206031,"uuid":"684125520","full_name":"MatejLach/dynafire","owner":"MatejLach","description":"Real-time threat detection for any Linux system running firewalld, based on data from the Turris Sentinel project","archived":false,"fork":false,"pushed_at":"2024-07-20T15:06:15.000Z","size":29,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-19T00:37:41.210Z","etag":null,"topics":["firewall","firewall-rules","firewalld","linux","turris","turris-omnia"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MatejLach.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-08-28T14:04:36.000Z","updated_at":"2024-07-20T15:06:18.000Z","dependencies_parsed_at":"2024-07-20T16:25:31.427Z","dependency_job_id":"f191c692-fde6-4c14-86de-0db6fae0ef35","html_url":"https://github.com/MatejLach/dynafire","commit_stats":null,"previous_names":["matejlach/dynafire"],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatejLach%2Fdynafire","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatejLach%2Fdynafire/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatejLach%2Fdynafire/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MatejLach%2Fdynafire/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MatejLach","download_url":"https://codeload.github.com/MatejLach/dynafire/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250157860,"owners_count":21384331,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firewall","firewall-rules","firewalld","linux","turris","turris-omnia"],"created_at":"2024-11-09T21:12:35.955Z","updated_at":"2025-04-22T00:31:58.058Z","avatar_url":"https://github.com/MatejLach.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"dynafire - real-time threat detection for any Linux system\n=\n\n[Turris Sentinel](https://view.sentinel.turris.cz/?period=1w) is a real-time threat detection \u0026 attack prevention system from\nthe creators of the [Turris](https://www.turris.com/en/) series of open-source routers, however this service is normally only available via the router interface.\nThis makes it impractical to use the real-time data provided by Turris Sentinel on a VPS for example, which you cannot easily put behind a Turris router hardware.\n\n`dynafire` is a lightweight Linux daemon that lets any Linux system running the industry standard `firewalld` firewall update its firewall rules in real-time based on Sentinel data.\n\nTurris Sentinel data by TurrisTech is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.\n\nInstallation via package managers\n-\nArch Linux (AUR): [dynafire-bin](https://aur.archlinux.org/packages/dynafire-bin)\n\nManual installation\n-\nBecause `dynafire` ships as a single binary, it is easy to install it manually on practically any `systemd`-based distro.\n\nBefore proceeding please ensure that `ZeroMQ` (tested with *4.3.5*), `NetworkManager` and `firewalld` are installed and running:\n\n```shell\n$ sudo systemctl check NetworkManager                                   \nactive\n\n$ sudo systemctl check firewalld                                   \nactive\n```\n\nDownload the binary:\n\n`$ wget https://github.com/MatejLach/dynafire/releases/download/v0.3/dynafire`\n\nEnsure the binary is executable:\n\n`$ chmod +x dynafire`\n\nCopy the binary to your `$PATH`:\n\n`$ sudo cp dynafire /usr/bin/`\n\n\nNext, download the `systemd` service definition file:\n\n`$ wget https://raw.githubusercontent.com/MatejLach/dynafire/main/dist/systemd/dynafire.service` \n\nCopy it under where `systemd` would be able to see it i.e. `/lib/systemd/system` or `/etc/systemd/system`:\n\n`$ sudo cp dynafire.service /lib/systemd/system/`\n\nRegister the new service with `systemd`:\n\n`$ sudo systemctl daemon-reload`\n\nThen, assuming `firewalld` is already running, enable it at boot and start with:\n\n`$ sudo systemctl enable dynafire --now`\n\nBuilding from source\n-\nClone the source:\n\n`$ git clone https://github.com/MatejLach/dynafire.git \u0026\u0026 cd dynafire/cmd/dynafire`\n\nThen, assuming a properly [set up Go toolchain](https://golang.org/doc/install), simply run:\n\n`$ go build`\n\nCopy the resulting `dynafire` binary under `/usr/bin` and use the [systemd service](dist/systemd/dynafire.service) to manage its lifecycle, see [Manual Installation](#manual-installation) for details.\n\nConfiguration\n-\nThe `dynafire` configuration file is created upon first launch under `/etc/dynafire/config.json`.\nBy default, it has the following values:\n\n```json\n{\n  \"log_level\": \"INFO\",\n  \"zone_target_policy\": \"ACCEPT\"\n}\n```\n\nThe `log_level` can be set to `DEBUG` (most verbose), `INFO` and `ERROR` (least verbose).\n\nBy default, the `dynafire` firewalld zone is set to `ACCEPT` every packet that is NOT on the Turris Sentinel blacklist, so as not to accidentally block legitimate traffic. \nHowever, you can make this stricter by changing the `zone_target_policy` to i.e. `REJECT` or `DROP`, see [firewalld zone options](https://firewalld.org/documentation/zone/options.html) for details.  \n\nContributing\n-\nBug reports and pull requests are welcome. Do not hesitate to open a PR / file an issue or a feature request.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatejlach%2Fdynafire","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatejlach%2Fdynafire","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatejlach%2Fdynafire/lists"}