secgroup / fws Goto Github PK
View Code? Open in Web Editor NEWLanguage-independent Synthesis of Firewall Policies
License: MIT License
fws's People
Contributors
Stargazers
Watchers
fws's Issues
Additional short description in README.md
The README.md starts with "Language-independent Synthesis of Firewall Policies"
Please add one or two sentences what the synthesis of firewall policies is useful for
Identical files but non empy diff
I bumped in to this strange case where FWS marks two (identical) files as equivalent, but generates a non empty diff. I have attached the policy and interfaces file to the issue.
interfaces.txt
mastersolution.txt
FireWall Synthesizer - Language-independent Synthesis of Firewall Policies
FWS> p1 = load_policy(iptables, "mastersolution", "interfaces")
FWS> p2 = load_policy(iptables, "mastersolution", "interfaces")
FWS> equivalence(p1,p2)
Equivalent.
FWS> diff(p1,p2)
Solving: [##################################################] ( 18/ 18) 100.00%
+++ mastersolution
--- mastersolution
╭─────┬────────────────────────┬─────────────┬─────────────────────────┬──────────────────┬────────────┬─────────────────┬──────────┬───────╮
│ +/- │ Source IP │ Source Port │ Destination IP │ Destination Port │ Source MAC │ Destination MAC │ Protocol │ State │
╞═════╪════════════════════════╪═════════════╪═════════════════════════╪══════════════════╪════════════╪═════════════════╪══════════╪═══════╡
│ + │ 0.0.0.0/31 \ {0.0.0.1} │ 63690-63784 │ 64.0.0.0/2 \ {64.0.0.1} │ 50621-50691 │ * │ * │ tcp │ NEW │
├─────┼────────────────────────┼─────────────┼─────────────────────────┼──────────────────┼────────────┼─────────────────┼──────────┼───────┤
│ - │ 0.0.0.0/31 \ {0.0.0.1} │ 63690-63784 │ 64.0.0.0/2 \ {64.0.0.1} │ 50621-50691 │ * │ * │ icmp │ NEW │
│ │ │ │ │ │ │ │ tcp │ │
╰─────┴────────────────────────┴─────────────┴─────────────────────────┴──────────────────┴────────────┴─────────────────┴──────────┴───────╯
Firewall configs copyright notice
Hey,
cool work, thanks for promoting the real world firewall configs 😁
I tried hard to collect them -- if possible -- with the most permissive license, please try to ShareAlike 😉
TODO: Please add license notes to fws/examples/real-world/ to allow all researches to use this data 😄
Thanks for mirroring! Keep on making firewall configs better 👍
Overview of supported IPtables functionality and syntax
At the moment it is a bit hit and miss to figure out what IPtables functions are supported. E.g. using the --source-ports directive or the iprange module appear to crash fws.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.