[Haskell-cafe] [ANN] PAM library, Iptables web-interface
Evgeny Tarasov
etarasov.ekb at gmail.com
Sun Jul 10 09:40:38 CEST 2011
Hello!
I'd like to announce my project called Iptadmin. It's a web interface for
linux Iptables firewall [1]. It supports just few Iptables options by now.
The main feature of Iptadmin is user friendly help messages.
Iptadmin works in a daemon mode. It doesn't keep any auxiliary information
in a system, firewall configuration is taken from the «iptables-save»
script.
All changes is made by Iptables calling. Firewall rules are saved by
«/etc/init.d/iptables save»
script. Several linux distributions such as Debian require additional
Iptables configuration.
Iptadmin uses PAM [2] authentication. Access is granted for root and
for any other user with membership in «iptadmin» system group.
Iptadmin is written using Happstack, so it doesn't support https yet.
To prevent sending system password by network in plain text, the web
interface is listening only on loopback network interface. In order to
access Iptadmin remotely user should setup https proxying using external
web server.
There is also dedicated library for parsing and printing Iptables rules [3].
While working on Iptadmin I've implemented library with subset of PAM
api bindings[4].
A code of my project is licensed under BSD3. Sources are uploaded to
hackage [3,4,5]. More information can be found on a project homepage[6].
[1] http://www.netfilter.org/
[2] http://www.kernel.org/pub/linux/libs/pam/
[3] http://hackage.haskell.org/package/iptables-helpers-0.3
[4] http://hackage.haskell.org/package/pam-0.1
[5] http://hackage.haskell.org/package/iptadmin-1.0.0
[6] http://iptadmin.confmgr.org
--
Best regards,
Evgeny Tarasov
More information about the Haskell-Cafe
mailing list