[CentOS-devel] CentOS Firewall and UTM SIG

Sat Mar 22 15:14:55 UTC 2014
Manuel Wolfshant <wolfy at nobugconsulting.ro>

On 22 martie 2014 16:46:26 EET, Shafiee Roozbeh <roozbeh.shafiee at gmail.com> wrote:
>the goal is not a firewall rules generator like fwbuilder.
>I mentioned this before.

And you still did not offer a comprehensive explanation of the real goal which you wish to achieve.
BTW, everybody here knows the OSI layers as well as their mapping to the real world. There is no need to teach us what iptables does and which layer(s) see(s) its actions.

If you want real traction you should start with a set of scopes. For instance: a set of packages which on top of a CentOS installation would integrate
- an antivirus module
- an antispam module
- a way to dinamically react to attacks and block them. Ideally this module should be able to imteract with remote sensors and trigger remote actions (mind that on purpose I said "trigger remote actions" and not "influence remote firewalls" or even "create iptables rules")
- a module to monitor the activity of all other installed and activated modules
- a teport module
- a  web based command and control interface which can interact with all the other modules. It should be able to install,remove,enable, disable and configure all the other modules.

So, can we move past "the goal is not" step and find out "what the complete goal is" ?