https://github.com/bandie91/iptables-trace-utility

Automatically exported from code.google.com/p/iptables-trace-utility
https://github.com/bandie91/iptables-trace-utility

debug firewall iptables spa trace web-app

Last synced: about 1 month ago
JSON representation

Automatically exported from code.google.com/p/iptables-trace-utility

• Host: GitHub
• URL: https://github.com/bandie91/iptables-trace-utility
• Owner: bAndie91
• Created: 2015-03-13T07:59:30.000Z (about 10 years ago)
• Default Branch: master
• Last Pushed: 2025-01-21T06:30:53.000Z (5 months ago)
• Last Synced: 2025-04-19T12:44:28.742Z (about 2 months ago)
• Topics: debug, firewall, iptables, spa, trace, web-app
• Language: JavaScript
• Size: 32.2 KB
• Stars: 5
• Watchers: 1
• Forks: 0
• Open Issues: 2
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# iptables-trace-utility

## Requirements

* `modprobe ipt_LOG`

* `sysctl net.netfilter.nf_log.2 = ipt_LOG`

* sudoers rules:

       USER ALL=(root) NOPASSWD: /sbin/iptables-save ""

       USER ALL=(root) NOPASSWD: /sbin/iptables -t raw -F *

       USER ALL=(root) NOPASSWD: /sbin/iptables -t raw -A * -j TRACE

       USER ALL=(root) NOPASSWD: /sbin/sysctl net.netfilter.nf_log.2=ipt_LOG

  Where *USER* is unix user running **ajax.php** script (eg. www-data when using apache)

* backend component:

  * webserver

    * you need a php-enabled webserver to run ajax.php, or

    * use php 5.4 embeded webserver by invoking this command in folder where you have unpacked files:

 

      `sudo -u `*`USER`*` php -S localhost:8080 -t .`

  * configure `$logfile` in **ajax.php** to point to file iptables is logging in (eg. /var/log/kern.log)

    * you can setup rsyslog to separate iptables' log messages:

        ```

        :msg, regex, "^\[[ ]*[0-9]*\.[0-9]*\] Firewall: "  -/var/log/iptables.log

        & ~

        :msg, regex, "^\[[ ]*[0-9]*\.[0-9]*\] TRACE: "     -/var/log/iptables.log

        & ~

        ```

* read access to `$logfile` for *USER* (eg. `chmod +r $logfile`)

* frontend component:

  * point AJAXURL variable to the right URL in JS code

  * jquery.js

  * jquery-ui.js

* do not modify firewall while tracing

## Usage

* Specity filter options in Filter box or leave empty to trace all packets.

* Pay attention to limit parameter, too high limit may lead to high load on target system!

* Press TRACE! to start tracing and Stop to finish it.

* The programm polls server every 1.5 sec for new trace results, you can press Refresh to poll them manually.

* Messages box: status and error messages from server

* Packet IDs will appear in Packets box during trace. Click on a packet ID to display steps in Trace box, whiches the packet has met in its way through the firewall.

* Firewall box: iptables-save output hilighting rules with which the selected packet has met.

## Screenshot

![screenshot](http://i.imgur.com/7Jnl7Fi.png)

# Similar projects

- https://github.com/commonism/iptables-trace

# Project issues, bugs, feature requests, ideas

1. clone the repo

2. use [git-bug](https://github.com/git-bug/git-bug) to open a new ticket in this repo

3. find one or more person in the commit history to make contact with, then either

4.a. send your newly created `git-bug` ticket (or patch if you already propose a code change) via email, or

4.b. send the URL of your git clone to a contributor (via email or other channel), and request them to pull (`git-bug` issues and/or branches as well) from you.