{"id":18716388,"url":"https://github.com/mrash/fwsnort","last_synced_at":"2025-10-04T11:58:32.855Z","repository":{"id":44792691,"uuid":"1887350","full_name":"mrash/fwsnort","owner":"mrash","description":"Application Layer IDS/IPS with iptables","archived":false,"fork":false,"pushed_at":"2018-11-26T00:17:10.000Z","size":4777,"stargazers_count":75,"open_issues_count":10,"forks_count":15,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-04-12T13:50:05.297Z","etag":null,"topics":["intrusion-detection","iptables","linux"],"latest_commit_sha":null,"homepage":"http://www.cipherdyne.org/fwsnort/","language":"Perl","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mrash.png","metadata":{"files":{"readme":"README","changelog":"ChangeLog","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2011-06-13T05:10:34.000Z","updated_at":"2025-01-27T14:03:28.000Z","dependencies_parsed_at":"2022-08-21T06:10:32.595Z","dependency_job_id":null,"html_url":"https://github.com/mrash/fwsnort","commit_stats":null,"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/mrash/fwsnort","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrash%2Ffwsnort","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrash%2Ffwsnort/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrash%2Ffwsnort/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrash%2Ffwsnort/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mrash","download_url":"https://codeload.github.com/mrash/fwsnort/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrash%2Ffwsnort/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278308622,"owners_count":25965654,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["intrusion-detection","iptables","linux"],"created_at":"2024-11-07T13:12:32.216Z","updated_at":"2025-10-04T11:58:32.839Z","avatar_url":"https://github.com/mrash.png","language":"Perl","funding_links":[],"categories":[],"sub_categories":[],"readme":"fwsnort   (Firewall Snort)\nVersion:  1.6.6\nAuthor:   Michael Rash \u003cmbr@cipherdyne.org\u003e\nWebsite:  http://www.cipherdyne.org/fwsnort/\n\nDESCRIPTION:\n\nfwsnort is a perl script that translates Snort rules into equivalent iptables\nrules.  Some Snort rule options (such as \"pcre\") have no direct translation\ninto iptables options so not all Snort rules can be translated.  However\napproximately 65% of all Snort-2.3.3 signatures (the last release of Snort\nsignatures under the GPL) can be successfully translated through the use of the\niptables string match module.  When tranlating Snort rules, fwsnort makes heavy\nuse of the iptables string match extension with its \"--hex-string\" option\n(added to iptables by the fwsnort project) which accepts Snort \"content\"\nargument with hex bytes between \"|\" chars (such as \"|5a 4e|\").  This allows the\ncontent fields in Snort rules to be directly input into iptables rulesets from\nthe command line.  fwsnort alse parses the running iptables policy on the\nmachine in order to determine which Snort rules are applicable to the specific\npolicy loaded on the machine.\n\nfwsnort requires the iptables string match module in order to be able to\ndetect application layer attacks.  If you are running modern Linux\ndistribution then it is likely that the kernel has been compiled with iptables\nstring matching support, and fwsnort will automatically test this.\n\nPLATFORMS:\n\nfwsnort is compatible with iptables only, hence fwsnort will exclusively run\non Linux running a 2.6 series kernel (with some support for 2.4 kernels as\nwell).\n\nSnort is a registered trademark of Sourcefire, Inc\n\nINSTALLATION:\n\n    (See the INSTALL file in the source directory.)\n\nUPGRADING:\n\n    If are installing fwsnort from sources (i.e. not through a distribution\npackage manager such as RPM or apt), you can just run the \"install.pl\" script.\nIt takes care of upgrades, and it will merge any customized configuration\nvariables in the /etc/fwsnort/fwsnort.conf file with the new file in the\nsource directory.  Even if you are using a distribution package manager, you\ncan still run the install.pl script in order to preserve any existing\nconfiguration.  However, in this case the install.pl script will also put in\nplace fwsnort according to how it normally handles installation paths, and\nthese may not match how your distribution package manager normally handles\nthings.\n\nCOPYRIGHT:\n\nCopyright (C) 2003-2016 Michael Rash (mbr@cipherdyne.org)\n\nfwsnort is distributed under the GNU General Public License (GPLv2), and the\nlatest version may be downloaded from http://www.cipherdyne.org/\n\nThis program is free software; you can redistribute it and/or modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation; either version 2 of the License, or\n(at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with this program; if not, write to the Free Software\nFoundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrash%2Ffwsnort","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmrash%2Ffwsnort","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrash%2Ffwsnort/lists"}