Hi,

On 11-Oct-01 Guido Tschakert wrote:
> Hi, I am looking for a tool to analyse/test my ipchains rules. The problem is: I want to analyse on another computer. Something like a "firewall emulator": I tell the emulator which network devices, routing rules and ipchains rules I have, and want to have a graphical frontend to show and test the ruleset. Does anybody know about such a tool or do I have to program it on my own :-)
Such a tool would be a cool toy, really. A sandbox for firewalls... I like the sound of that. Before you start programming it yourself, consider an all-purpose testbed-PC with a similar hardware setup to your production fw's (i.e. 2/3/n NICs, etc.). Then test the hell out of it with nmap/saint/nessus/whatever, or just let people like http://www.hackerwhacker.com do the work (for money, tho). Problem with your proposed fw-emu would be the daemons (mail, web, etc.) running behind it. If you want to implement them as well, uhm... good luck! If not, you're prolly assuming that they're safe, which they aren't in most cases ;)
> I know, there are some programs like gfcc, but then I have to use X on the firewall box and I see no reason to do that, and if the box is always in operational mode, testing firewall rules isn't a good idea.
Ah, c'mon, don't be shy, a little packet storm here and there while production runs... ;)) [...]
> ----------------- Guido Tschakert SRC, SysAd -----------------
Boris Lorenz