[Haskell-cafe] [ANN] PAM library, Iptables web-interface

Evgeny Tarasov etarasov.ekb at gmail.com
Sun Jul 10 09:40:38 CEST 2011


Hello!

I'd like to announce my project called Iptadmin. It's a web interface for
linux Iptables firewall [1]. It supports just few Iptables options by now.
The main feature of Iptadmin is user friendly help messages.

Iptadmin works in a daemon mode. It doesn't keep any auxiliary information
in a system, firewall configuration is taken from the «iptables-save» 
script.
All changes is made by Iptables calling. Firewall rules are saved by 
«/etc/init.d/iptables save»
script. Several linux distributions such as Debian require additional 
Iptables configuration.

Iptadmin uses PAM [2] authentication. Access is granted for root and
for any other user with membership in «iptadmin» system group.

Iptadmin is written using Happstack, so it doesn't support https yet.
To prevent sending system password by network in plain text, the web
interface is listening only on loopback network interface. In order to
access Iptadmin remotely user should setup https proxying using external 
web server.

There is also dedicated library for parsing and printing Iptables rules [3].
While working on Iptadmin I've implemented library with subset of PAM 
api bindings[4].

A code of my project is licensed under BSD3. Sources are uploaded to
hackage [3,4,5]. More information can be found on a project homepage[6].

[1] http://www.netfilter.org/
[2] http://www.kernel.org/pub/linux/libs/pam/
[3] http://hackage.haskell.org/package/iptables-helpers-0.3
[4] http://hackage.haskell.org/package/pam-0.1
[5] http://hackage.haskell.org/package/iptadmin-1.0.0
[6] http://iptadmin.confmgr.org

--
Best regards,
Evgeny Tarasov




More information about the Haskell-Cafe mailing list