Title: EFW 2.3RC - Source ports mod on Outgoing Firewall
Post by: mrkroket on Sunday 18 October 2009, 03:25:05 am

Endian Firewall 2.3RC - Source ports modification

Description:
This modification adds the feature to create outgoing firewall rules based on source TCP/UDP port, not only by destination port. It also redesigns the outgoing firewall webpage, adding Source Port info. It also shows if a rule is being logged or not (very useful for me).

Download: http://www.megaupload.com/?d=H7EM7PPS
The forum doesn't have an attachment option. I know those fileshare webpages are annoying, but I don't have any other place to host the file.

Install:

Option 1: All done via Windows (best option for Linux newbies).
1- On the Endian GUI go to System->SSH Access and enable it.
2- Download WinSCP for your Windows PC, and install it.
3- Run WinSCP. Create a new session with these configs:
   Host Name: The IP of your Endian firewall
   Port: 22
   Username: root
   Password: your root password (defined on System->Passwords)
   File Protocol: SFTP
   Allow SCP fallback checkbox: Enabled
4- Click Login. The first time it will warn you about new keys and security stuff. Press OK.
5- You have an explorer-like window. Drag & drop the file "EFW-2.3RC-sourcePorts-mod.tgz" you downloaded.
6- Right-click on the file. Select Custom Commands->Untar/GZip. Click OK twice.
7- Go to the new dir created, called EFW-2.3RC-sourcePorts-mod.
8- Select the install.sh file. Right-click and select Custom Commands->Execute.
9- Click OK and you are done.

Option 2: Linux console commands
1- Copy "EFW-2.3RC-sourcePorts-mod.tgz" to your Endian box.
2- tar -xvf EFW-2.3RC-sourcePorts-mod.tgz
3- cd EFW-2.3RC-sourcePorts-mod
4- ./install.sh

Uninstall:

Option 1:
1- Use WinSCP to connect to the EFW box.
2- Go to the directory EFW-2.3RC-sourcePorts-mod/
3- Execute uninstall.sh (as you did on install point 8).

Option 2:
1- cd EFW-2.3RC-sourcePorts-mod
2- ./uninstall.sh
3- You shouldn't see any error messages.

Anyway, if it fails, you can restore the original files with ./restoreOriginals.sh

Usage:
When creating or editing a new outgoing rule, there is a new checkbox on the port definition. You can set the ports as source ports instead of destination ports.

Legal:
I'm not responsible for any damage this mod can cause, direct or indirect. The script goes as-is; I have tested it and it works well for me, but I don't guarantee anything.

I use it for VOIP applications. VOIP applications usually use a wide range of destination ports. This is awful to control on a firewall. The solution is to force the application to use a source port on all their connection needs. This way, if you want to allow this app in the firewall, you simply define a rule with the source port, no matter what destination port it will connect to.

Things to do:
Add the source port mod to QoS. By now it's only added on the outgoing firewall. In QoS I simply use high priority on all UDP traffic (mainly VOIP, so it's ok).
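The source-port idea from the post, as an added example that is not part of the mod or of Endian: a small model of an outgoing rule that can match on either the source or the destination port, the iptables arguments such a rule maps to (with an optional LOG rule in front of it, mirroring the "is this rule logged" flag), and a first-match evaluator. The chain name, the VOIP client pinned to UDP source port 5060 and the sample packets are constructed assumptions.

```python
# Added example (not from the mod or from Endian): outgoing rules that match
# on source or destination port, and what they look like as iptables commands.
from dataclasses import dataclass

CHAIN = "OUTGOING_FW"  # assumption: placeholder chain name, not Endian's real one


@dataclass(frozen=True)
class Rule:
    proto: str          # "tcp" or "udp"
    port: int
    source_port: bool   # True: match the source port (the mod's new checkbox)
    action: str = "ACCEPT"
    log: bool = False   # the mod shows this flag per rule in the web page


@dataclass(frozen=True)
class Packet:
    proto: str
    sport: int
    dport: int


def to_iptables(rule: Rule):
    """Render a rule as iptables commands; a logged rule becomes LOG + action."""
    match = f"-p {rule.proto} --{'sport' if rule.source_port else 'dport'} {rule.port}"
    cmds = []
    if rule.log:
        cmds.append(f'iptables -A {CHAIN} {match} -j LOG --log-prefix "{CHAIN}:"')
    cmds.append(f"iptables -A {CHAIN} {match} -j {rule.action}")
    return cmds


def matches(rule: Rule, pkt: Packet) -> bool:
    """A source-port rule ignores the destination port entirely, and vice versa."""
    if rule.proto != pkt.proto:
        return False
    return (pkt.sport if rule.source_port else pkt.dport) == rule.port


def first_match(rules, pkt: Packet, default: str = "DROP") -> str:
    """First matching rule wins; unmatched outgoing traffic falls to the default."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default


# Constructed sample: a VOIP client pinned to UDP source port 5060 (assumption),
# and the same port written as a destination-port rule for comparison.
VOIP_RULE = Rule("udp", 5060, source_port=True, log=True)
DEST_RULE = Rule("udp", 5060, source_port=False)
```

With the source-port rule, a call from port 5060 to any remote port is accepted; the destination-port rule only accepts traffic going to port 5060.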