Ooh, this sounds like a great idea if it doesn't already exist! --Corey
On Jun 28, 2013, at 11:02 AM, Tom Limoncelli <[email protected]> wrote:

> Hi!
>
> I'd like to write "unit tests" for my firewall rules. I used to do
> this with FreeBSD but I haven't found a similar tool for Linux. Any
> suggestions?
>
> In particular, on FreeBSD there was a utility that simulated the
> firewall system. You could give it a list of rules, a packet's
> source/dest/ports, and it would return "DROP" or "ALLOW". The
> Makefile I used for maintaining my firewall rules ran a couple scripts
> that tested basic functionality (was port X blocked, was port Y
> permitted). That way if I totally messed up the ruleset it wouldn't
> be installed.
>
> For Linux I found http://sourceforge.net/projects/iptview (IPTview)
> which seems to have been abandoned in 2005. It creates a graphical
> view of the rules; not a simple "permit/deny" output. However that's
> the best I've found so far.
>
> Does anyone know if such a thing exists?
>
> Thanks!
>
> Tom
>
> --
> Email: [email protected]
> Skype: YesThatTom
> Blog: http://EverythingSysadmin.com
> _______________________________________________
> Discuss mailing list
> [email protected]
> https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
> This list provided by the League of Professional System Administrators
> http://lopsa.org/
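The kind of check described in the quoted message, as an added example that is not from the thread or from any existing tool: a small Python model that reads iptables-save syntax and returns the verdict for one packet, so a build step can refuse to install a ruleset that fails its expectations. It assumes IPv4, first-match evaluation, and only the `-p`, `-s`, `-d` and `--dport` matches with ACCEPT/DROP/REJECT targets; the sample ruleset and the names `parse`, `in_net` and `verdict` are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed sample ruleset in iptables-save syntax (not from the thread).
RULESET = """\
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -s 192.0.2.0/24 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 23 -j DROP
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}
SUPPORTED = {"-A", "-p", "-m", "-s", "-d", "--dport", "-j"}


def parse(ruleset):
    """Return (policies, rules) for the option subset in SUPPORTED."""
    policies, rules = {}, []
    for line in ruleset.splitlines():
        tok = shlex.split(line)
        if line.startswith(":"):
            policies[tok[0][1:]] = tok[1]      # ":INPUT DROP [0:0]"
        elif line.startswith("-A"):
            opts = dict(zip(tok[0::2], tok[1::2]))
            if len(tok) % 2 or set(opts) - SUPPORTED or opts.get("-j") not in TERMINAL:
                # Fail closed: never guess at a rule this model cannot evaluate.
                raise ValueError(f"unsupported rule: {line}")
            rules.append(opts)
    return policies, rules


def in_net(addr, cidr):
    return ipaddress.ip_address(addr) in ipaddress.ip_network(cidr, strict=False)


def verdict(ruleset, chain, proto, src, dst, dport):
    """First matching rule wins; otherwise the chain policy applies."""
    policies, rules = parse(ruleset)
    for r in rules:
        if r["-A"] != chain or r.get("-p", proto) != proto:
            continue
        if int(r.get("--dport", dport)) != dport:
            continue
        if not in_net(src, r.get("-s", "0.0.0.0/0")) or not in_net(dst, r.get("-d", "0.0.0.0/0")):
            continue
        return r["-j"]
    return policies[chain]
```

This is a model of the rule text only; stateful matches, user-defined chains and NAT are rejected rather than approximated, so a passing run says nothing about rules it refuses to parse.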
