[DFD] dfd_keeper 4.0 released

Travis travis+ml-dfd at subspacefield.org
Fri Oct 24 04:39:52 CEST 2008


I've released the latest dfd_keeper, with an example script, here:

http://www.subspacefield.org/security/dfd_keeper/code/

This follows a general cleanup of the code.

Specifically, I separated the pf object from the rules; it no longer is
a rule container and instead contains a ruleset object which
represents all the rules.  This makes for a cleaner separation of
duties.

Additionally, it should now be capable of syslogging properly when
started in daemon mode, though I have not tested it.  Overall logging
is improved, and some aesthetic changes were made regarding how errors
are reported.

The next step will be to test syslogging and log an IP address with
every command executed so that the logs give a good idea of who did
what.

The idea of having users with access controls is appealing, but
significantly more complicated from a UI standpoint.  For now everyone
is a socket (IP address and port), and can execute any command.  Later
perhaps I'll put up ACLs on IP addresses, which seems more reasonable
given that this is a network security device.

I am still looking for someone to take over the Linux port.
-- 
Crypto ergo sum.  http://www.subspacefield.org/~travis/
Do unto other faiths as you would have them do unto yours.
If you are a spammer, please email john at subspacefield.org to get blacklisted.

