Sopeq

Sopeq is a stealth ingress and egress filtering firewall for IPTables with an easy to configure rules file.

Sopeq Ranking & Summary

  • License: GPL
  • Price: FREE
  • Publisher Name: Brad Cable
  • Publisher web site: http://bcable.net/project.php?lfwrap

Sopeq Description

Sopeq is a stealth ingress and egress filtering firewall for IPTables with an easy to configure rules file. It can be used to configure even the slightest details of IPTables with just a minor change in the rules file.

Argument Descriptions:

accept/droplog/rejectlog/log - This specifies what to do if a packet matches the criteria given. "accept" accepts the packet, "droplog" drops and logs the packet with given "lbl" variable (see section "vars" below), "rejectlog" rejects and logs the packet with given "lbl" variable, and "log" ONLY logs the packet with given "lbl" variable. Hmmm, I think I see an eerie pattern emerging here...

if - This specifies what network interface the packet is travelling over. This can also match packets NOT travelling over an interface by simply adding an exclamation mark before it. Unlike in iptables, there should NOT be a space after the exclamation mark.

in/out - This specifies whether the rule is looking at packets coming in or packets going out. "in" should be used for most server rules, and "out" should be used for most application rules. The rule is made by adding the appropriate INPUT and OUTPUT rules in iptables, so that the response to the packet is accepted as well. This field can be left blank, but only if the "ports" field is blank as well. This type of rule would allow all packets from a specific IP or something to that extent.

tcp/udp/icmp - This is pretty self explanatory: it specifies the protocol of a packet, i.e. TCP, UDP, or ICMP. You can leave this blank to match all protocols.

IPs - This specifies what specific IP addresses to allow for the rules. You can leave this field blank to match all IPs. You can specify multiple IP addresses by separating them with a comma, and/or use IP ranges. Two methods of IP ranges are supported: the "1.2.3.0/24" method and the "1.2.3.4-1.2.3.10" method. You can combine IPs and IP ranges in the same rule with the comma delimiter.

Examples:
  • 1.2.3.4
  • 11.22.33.0/24
  • 123.45.67.3-123.45.67.90
  • 1.2.3.4,5.6.7.8,11.22.33.0/24,123.45.67.3-123.45.67.90

ports - This specifies which ports to allow on. Multiple ports can be specified by separating them with a comma. If you leave the field blank, it allows on all ports.

extras - This specifies extra options added onto the end of the rule. The field is divided into two sections with a "|", which separates the extras for the INPUT rule from the extras for the OUTPUT rule (in that order). In order to have a space in the extras, you have to put the whole thing in quotes (currently, you can only use double quotes, not single quotes). These extras are just standard iptables options, so if you want a list, view the iptables manual.

Examples:
  • No extras for the INPUT rule, "-m owner --uid-owner 0" for the OUTPUT rule: "|-m owner --uid-owner 0"
  • No extras for the INPUT rule, "-m owner --cmd-owner httpd" for the OUTPUT rule: "|-m owner --cmd-owner httpd"

vars - The syntax of a var field is: varname="value"

What's New in This Release:
  • The "version" option was added.
  • A minor alteration was done in the way iptables was called.
  • Minor code cleanup was done.
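
An added example, not part of Sopeq or the original page: Python that validates an "IPs" field written in the syntax described above and shows, for each item, an equivalent iptables source match and the CIDR blocks it covers. The function names, the IPv4-only handling, the strict rejection of malformed items and the mapping of ranges to `-m iprange` are assumptions, not Sopeq's documented behaviour.

```python
import ipaddress

def parse_ips_field(field):
    """Parse an IPs field into ("net", network) / ("range", (lo, hi)) items.

    A blank field means "match all IPs" and yields []. Any malformed item
    raises ValueError, so a typo never silently widens a rule.
    """
    if not field.strip():
        return []
    items = []
    for item in (part.strip() for part in field.split(",")):
        if not item:
            raise ValueError("empty item in IPs field: %r" % field)
        if "-" in item:
            lo, hi = (ipaddress.IPv4Address(a) for a in item.split("-", 1))
            if lo > hi:
                raise ValueError("range start is after range end: %r" % item)
            items.append(("range", (lo, hi)))
        else:
            # Assumption: be strict and reject host bits, e.g. 1.2.3.4/24.
            items.append(("net", ipaddress.IPv4Network(item, strict=True)))
    return items

def source_matches(field):
    """iptables source-match arguments equivalent to each item."""
    out = []
    for kind, value in parse_ips_field(field):
        if kind == "net":
            out.append("-s %s" % value)
        else:
            out.append("-m iprange --src-range %s-%s" % value)
    return out

def covered_cidrs(field):
    """Minimal CIDR list the field covers, for reviewing a rule's reach."""
    nets = []
    for kind, value in parse_ips_field(field):
        if kind == "net":
            nets.append(value)
        else:
            nets.extend(ipaddress.summarize_address_range(*value))
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    # Combined example taken from the description above.
    sample = "1.2.3.4,5.6.7.8,11.22.33.0/24,123.45.67.3-123.45.67.90"
    for match in source_matches(sample):
        print(match)
    print(covered_cidrs("1.2.3.4-1.2.3.10"))
```

Running `covered_cidrs` over a rule's IPs field before loading it shows exactly how many addresses a start-end range admits, which is easy to misjudge by eye.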

