An open API service indexing awesome lists of open source software.

https://github.com/bandie91/iptables-trace-utility

Automatically exported from code.google.com/p/iptables-trace-utility
https://github.com/bandie91/iptables-trace-utility

debug firewall iptables spa trace web-app

Last synced: about 1 month ago
JSON representation

Automatically exported from code.google.com/p/iptables-trace-utility

Awesome Lists containing this project

README

        

# iptables-trace-utility

## Requirements

* `modprobe ipt_LOG`
* `sysctl net.netfilter.nf_log.2 = ipt_LOG`
* sudoers rules:

USER ALL=(root) NOPASSWD: /sbin/iptables-save ""
USER ALL=(root) NOPASSWD: /sbin/iptables -t raw -F *
USER ALL=(root) NOPASSWD: /sbin/iptables -t raw -A * -j TRACE
USER ALL=(root) NOPASSWD: /sbin/sysctl net.netfilter.nf_log.2=ipt_LOG

Where *USER* is unix user running **ajax.php** script (eg. www-data when using apache)
* backend component:
* webserver
* you need a php-enabled webserver to run ajax.php, or
* use php 5.4 embeded webserver by invoking this command in folder where you have unpacked files:

`sudo -u `*`USER`*` php -S localhost:8080 -t .`
* configure `$logfile` in **ajax.php** to point to file iptables is logging in (eg. /var/log/kern.log)
* you can setup rsyslog to separate iptables' log messages:

```
:msg, regex, "^\[[ ]*[0-9]*\.[0-9]*\] Firewall: " -/var/log/iptables.log
& ~
:msg, regex, "^\[[ ]*[0-9]*\.[0-9]*\] TRACE: " -/var/log/iptables.log
& ~
```
* read access to `$logfile` for *USER* (eg. `chmod +r $logfile`)
* frontend component:
* point AJAXURL variable to the right URL in JS code
* jquery.js
* jquery-ui.js
* do not modify firewall while tracing

## Usage

* Specity filter options in Filter box or leave empty to trace all packets.
* Pay attention to limit parameter, too high limit may lead to high load on target system!
* Press TRACE! to start tracing and Stop to finish it.
* The programm polls server every 1.5 sec for new trace results, you can press Refresh to poll them manually.
* Messages box: status and error messages from server
* Packet IDs will appear in Packets box during trace. Click on a packet ID to display steps in Trace box, whiches the packet has met in its way through the firewall.
* Firewall box: iptables-save output hilighting rules with which the selected packet has met.

## Screenshot

![screenshot](http://i.imgur.com/7Jnl7Fi.png)

# Similar projects

- https://github.com/commonism/iptables-trace

# Project issues, bugs, feature requests, ideas

1. clone the repo
2. use [git-bug](https://github.com/git-bug/git-bug) to open a new ticket in this repo
3. find one or more person in the commit history to make contact with, then either
4.a. send your newly created `git-bug` ticket (or patch if you already propose a code change) via email, or
4.b. send the URL of your git clone to a contributor (via email or other channel), and request them to pull (`git-bug` issues and/or branches as well) from you.