EFW Support

Development => Contribute Your Customisations & Modifications => Topic started by: mrkroket on Sunday 18 October 2009, 03:25:05 am



Title: EFW 2.3RC - Source ports mod on Outgoing Firewall
Post by: mrkroket on Sunday 18 October 2009, 03:25:05 am
Endian Firewall 2.3RC - Source ports modification

Description:
This modification adds the ability to create outgoing firewall rules based on source TCP/UDP port, not only on destination port. It also redesigns the outgoing firewall webpage, adding Source Port info. It also shows whether a rule is being logged or not (very useful for me).

Download:
http://www.megaupload.com/?d=H7EM7PPS
The forum doesn't have an attachment option. I know those fileshare webpages are annoying, but I don't have any other place to host the file.

Install:
Option 1: All done via Windows (best option for Linux newbies).
1- On Endian GUI go to System->SSH Access and enable it.
2- Download WinSCP for your Windows PC, and install it.
3- Run WinSCP. Create a new session with these configs:
        Host Name: The IP of your endian firewall
        Port: 22
        username: root
        password: your root password (defined on System->Passwords)
        File Protocol: SFTP
        Allow SCP fallback checkbox: Enabled
4- Click Login. The first time it will warn you about new keys and security stuff. Press OK.
5- You have an Explorer-like window. Drag & Drop the file "EFW-2.3RC-sourcePorts-mod.tgz" you downloaded.
6- Right-click on the file. Select Custom Commands->Untar/GZip. Click OK twice.
7- Go to the new dir created, called EFW-2.3RC-sourcePorts-mod
8- Select install.sh file. Right-Click and select Custom Commands->Execute
9- Click OK and you are done.
       

Option 2: Linux console commands
1- Copy "EFW-2.3RC-sourcePorts-mod.tgz" to your endian box.
2- tar -xvf EFW-2.3RC-sourcePorts-mod.tgz
3- cd EFW-2.3RC-sourcePorts-mod
4- ./install.sh

Uninstall:
Option 1:
1- Use WinSCP to connect to the EFW box.
2- Go to directory EFW-2.3RC-sourcePorts-mod/
3- Execute uninstall.sh (as you did on install point 8).

Option 2:
1- cd EFW-2.3RC-sourcePorts-mod
2- ./uninstall.sh
3- You shouldn't see any error messages. Anyway if it fails, you can restore the original files with the ./restoreOriginals.sh

Usage:
When creating or editing an outgoing rule, there is a new checkbox on the port definition.
You can set the ports as source ports instead of destination ports.

Legal:
I'm not responsible for any damage that this mod can cause, direct or indirect. The script is provided as-is; I have tested it and it works well for me, but I don't guarantee anything.


I use it for VOIP applications. VOIP applications usually use a wide range of destination ports. This is awful to control on a firewall. The solution is to force the application to use a source port for all its connection needs.
This way, if you want to allow this app in the firewall, you simply define a rule with a source port, no matter what destination port it will connect to.

Things to do:
Add the source port mod to QoS. For now it's only added to the outgoing firewall.
In QoS I simply use high priority on all UDP traffic (mainly VOIP, so it's OK).
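
The rule logic described in the post above, as an added example that is not part of the original post or the mod's code: a first-match evaluator comparing a destination-port rule with a source-port rule. The rule names, port ranges, sample packets and the default-deny policy are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

PortRange = Tuple[int, int]  # inclusive (low, high)

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str                   # "tcp" or "udp"
    sport: Optional[PortRange]   # None = any source port
    dport: Optional[PortRange]   # None = any destination port
    action: str                  # "ALLOW" or "DENY"
    log: bool = False

@dataclass(frozen=True)
class Packet:
    proto: str
    sport: int
    dport: int

def in_range(port: int, rng: Optional[PortRange]) -> bool:
    return rng is None or rng[0] <= port <= rng[1]

def evaluate(rules, pkt, default="DENY"):
    """First matching rule wins; returns (action, rule name, logged)."""
    for r in rules:
        if r.proto == pkt.proto and in_range(pkt.sport, r.sport) and in_range(pkt.dport, r.dport):
            return r.action, r.name, r.log
    return default, "default policy", False  # assumed default-deny outgoing policy

# Constructed rule set: one destination-port rule, one source-port rule.
RULES = [
    Rule("web", "tcp", None, (80, 80), "ALLOW"),
    Rule("voip-by-source", "udp", (16384, 16484), None, "ALLOW", log=True),
]

# Constructed outgoing packets.
SAMPLES = {
    "browser to port 80": Packet("tcp", 49152, 80),
    "VoIP media, pinned source port": Packet("udp", 16390, 40122),
    "VoIP media, another destination": Packet("udp", 16390, 9078),
    "UDP sender outside pinned range": Packet("udp", 51000, 40122),
    # The rule sees ports only, not which program sent the packet.
    "other program using pinned range": Packet("udp", 16400, 53),
}

def run():
    return {label: evaluate(RULES, p) for label, p in SAMPLES.items()}

if __name__ == "__main__":
    for label, (action, rule, logged) in run().items():
        print(f"{label:34} {action:5} by {rule}{' (logged)' if logged else ''}")
```

The last sample shows why a source-port rule is worth keeping narrow and logged: it permits any local sender in that range to any destination, so pairing it with a source address restriction limits what it covers.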