Re: [TuxFrw-devel] Re: TuxFrw 2.16-pre1...

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi again Jean, (and the other too!)

> Hi Mr. de Souza,
> 
> > Hello Jean! (excuse me to call you so...)
> >
> 
> Go ahead. It's my name ...

Thanks

> 
> > Your idea is great! You're certainly on the right track, going toward
> the
> > same point as we are. Undoubtedly Perl brings the power that we need to
> > make our scripts, and as we can see you manage the Perl language very
> well.
> >
> Great ! Well, I'am just starting in perl.  But i rely like this language. It
> 
> forces me to think differently.    When you do development in perl you have
> 
> to forget everything you know about programming.  All the pasted experiences
> 
> with software development has to be put away.  Your really have to think 
> differently.   That's is why I love perl.  
> 

Cool! I'd love to learn Perl too, but I have no time for this. Our 
University's library has just received some copies of a "Perl..." book from 
O'reilly, but I couldn't put my hands on them yet... :-(

> So i will go on with my tests.

Go ahead! You have all my support! But I hope they are not only tests, and 
become real stuff soon... just kidding! :-)

> 
> I would like to explore a way to diagnose the state of the machine that TF
> will run on.
> 
> Not only do we have the check for the linux version (2.4 and up), but we
> have 
> to check the state of the modules and the startup scripts/
> 
> - ipchains modules should not be loaded (lsmod ...)
> - the scripts  /etc/init.d/ipchains and  /etc/init.d/iptables should be 
> disabled (chkconfig ...)
> - we should ask the user if he wants to disabled these scripts before we go
> on 
> with the installation process

Yes, I agree with u.

> - we should ... i don know !

Nor do I!

> 
> > As you can see our intention is to create some sort of assistants that
> can
> > help creating the "tuxfrw.conf" files (and things like that). We should
> > focus on the development of that sort of scripts, not forgetting the
> base
> > TF rules, of course. This way, with a powerful configuration script we
> can
> > "fine tune" our "generic" set of rules into a customized one.
> >
> > Your contribution lead me to understand that you are really interested
> on
> > the "config" part of the software. This is great, and I think this could
> be
> > a "task" for you to take care of. To summarize, I'd really like to have
> > your help with this part of the work, as we'd be sending you the
> > "final/base" tuxfrw.conf file, and you could do the conf scripts to
> achieve
> > that file.
> >
> 
> Please do not think this is the only part i am interested in.  I do not
> realy 
> like installation script and user interface. For what i have seen so far, 
> your team has more experienced in firewall than i have.  You are more 
> qualified than i am to do this part of the job.  I just think this is the 
> part that i can be useful for.  The installation process and user interface
> just have to be done and i will be glad to help with these parts.  

Your affirmations are right. I don't like to spend my time with UIs 
too, 'cause they are really "boring" to code, and too much time consuming. But 
this works needs to be done, and that's the point where TF suffers (at this 
moment, at least).

All other developers/contributors have great skills in firewall design, so I 
think we are well served in this point. But as soon as the "missing parts" 
become ready (such as UI, config scripts), we can spend most part of our TF 
development time with "core netfiltering" .... Yeah, that's really cool!

> 
> What i realy like, is all the architecture related to the iptables.  So, I
> am 
> interested to help with all tasks related to the firewall.  I am facinated
> 
> with the iptables.   The guys that haved worked on this project (netfiler
> ..) 
> are very brillant.  I never seen anything like that.   Wow !

Me too!

> 
> Another thing that i am particulary interrested is dynamic firewall. 
> iptables 
> gives us the opportunity not only to build static firewall, but also dynamic
> 
> ones.  I would like to see a firewall capable of detecting an attach 
> (intrusion) and react to it in real time.  The log files could dynamically
> be 
> inspected and new rules added instantly.  If we are very ambitious and we 
> want to roll our sleeves up, iptables have some extentions that can be used
> 
> so packets can be inspected by user space ...

Well, I have some sort of experience with IDS systems myself, and I've been 
thinking about some sort of linking between IDS capabilities and iptables. 
Perhaps in the future we could make Snort work closer to TF. Isn't cool?

> 
> Another thin i am interested in is traffic control ...

Me too. And this is one of my "dreams" for TF future versions...

> 
> > Well... I know things are a little bit "dark" now, as we pass through a
> new
> > stage of development. This week I've been working heavily on TF to think
> > about a way to make users' life easier, and as you can see there it is
> (TF
> > 2.16-pre1 functionality). So, as I promised, I'll soon send some sort of
> > "road-map" to be followed by those who wanna help...
> 
> I'am there !
> 

Great!

> >
> > That's all.
> >
> > See you later...
> 
> See you ...

Good Bye!

------------------------------------------------------------ 
   - MARCELO DE SOUZA -            <ma...@ac...> 

   Computer Science / UNESP - S. J. Rio Preto, SP, Brazil 

         -- ACME! Computer Security Research -- 

            http://www.acme-ids.org/~marcelo 
------------------------------------------------------------ 

-------------------------------------------------
       ACME! Computer Security Research
           http://www.acme-ids.org