# Copyright (C) 2012 Lelouch (Carlos Rincon) -------------------------------------------------------------------------- GENERAL -------------------------------------------------------------------------- Haro is a bash script for BrazilFW 3x to create a white list ports. Ports not declared in white list will be CLOSED and connection to them will be DROPED, optionally you can declare a ip white list in order to prevent apply haro polices to that privileged IPs. [!] Haro is a bash script, no compilation needed. -------------------------------------------------------------------------- INSTALL -------------------------------------------------------------------------- You can use the webadmin to install and configure Haro. -------------------------------------------------------------------------- USING THE HARO -------------------------------------------------------------------------- Haro use the 'eth' device declared in your configuration file. Haro read /etc/brazilfw/haro_white file which contain a list of IPs to not apply the polices of haro. Then, Haro will read /etc/brazilfw/haro_ports file in order to open ports declared in file, when finish, haro will be set up an iptables drop policy. To start haro you must create first a list of valid ports in /etc/brazilfw/haro_ports whit this scheme: #port_numer protocol #comment 80 tcp #navigation ... then, start haro using: /etc/init.d/haro start to stop haro use argument stop, and obviusly you can use the argment restart to stop and start it again. -------------------------------------------------------------------------- UNINSTALL -------------------------------------------------------------------------- To uninstall haro, pls use webadmin. -------------------------------------------------------------------------- -------------------------------------------------------------------------- -------------------------------------------------------------------------- # Copyright (C) 2012 Reginaldo S Melo # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . O addon Haro não possui nenhum conteúdo compilado. Todo o código está disponível e aberto para edição diretamente pelo ambiente de produção do BFW 3.x, não sendo necessário nenhum tipo de compilação ou preparação de ambiente dentro da build tree do servidor. Para se reempacotar o addon Haro após terem sido feitas alterações nos arquivos do addon, basta seguir a sugestão de comandos abaixo: mt cd /mnt package haro cd / umt Dessa forma, serão guardadas as alterações feitas no addon haro e haverá sido preparado o servidor para reiniciar sempre com as alterações já aplicadas. O pacote gerado como resultado dos comandos acima estará sempre disponível no diretório /mnt.