OK, I'll explain it:

My goal is a Unified Threat Management (UTM) based on CentOS (Security SIG). This SIG has an ISO installation media (i686/x86_64) with both web and CLI interfaces, but the CLI interface is for common tasks. For the back-end we will use Python and the Django web framework, and we need a light web server like nginx; for the front-end we will use HTML5/CSS3/jQuery.

The features for this SIG will be:
- basic and advanced wizard for initial configuration
- HA and cluster feature
- SNMP for monitoring
- Management Network like Interfaces, Gateway, Static Route, DHCP, DNS, ARP, NAT, NameServers, Hostname &...
- Accounting and Access users based on OpenLDAP integrated with Microsoft Active Directory
- Access policies for each user
- IPS/IDS firewalling based on a mix of IPTables, Snorby, Snort, Suricata, PulledPork and Pigsty
- VPN to access users based on OpenVPN, PPTP, IPSec, L2TP
- Filtering for Web/URL, Applications, IM and File Transfer
- Defence System such as antivirus and antispam
- Graphical Monitoring System for each part of system

Of course these are only some of the features, and they can change or be added to in the future, but I have these in mind right now.
For the set of packages there are too many options, and we can discuss it.


On Sat, Mar 22, 2014 at 7:44 PM, Manuel Wolfshant <wolfy@nobugconsulting.ro> wrote:


On 22 March 2014 16:46:26 EET, Shafiee Roozbeh <roozbeh.shafiee@gmail.com> wrote:
>the goal is not a firewall rules generator like fwbuilder.
>I mentioned this before.

And you still did not offer a comprehensive explanation of the real goal which you wish to achieve.
BTW, everybody here knows the OSI layers as well as their mapping to the real world. There is no need to teach us what iptables does and which layer(s) see(s) its actions.

If you want real traction you should start with a set of scopes. For instance: a set of packages which on top of a CentOS installation would integrate
- an antivirus module
- an antispam module
- a way to dynamically react to attacks and block them. Ideally this module should be able to interact with remote sensors and trigger remote actions (mind that on purpose I said "trigger remote actions" and not "influence remote firewalls" or even "create iptables rules")
- a module to monitor the activity of all other installed and activated modules
- a report module
- a web based command and control interface which can interact with all the other modules. It should be able to install, remove, enable, disable and configure all the other modules.


So, can we move past the "the goal is not" step and find out "what the complete goal is"?
_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel



--
Roozbeh Shafiee
Linux/BSD System Administrator and Python Developer
RoozbehShafiee.Com