[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Using Apache for remote firewall admin

To: misc@openbsd.org
Subject: Using Apache for remote firewall admin
From: "Stephen Gutknecht (OBSD Misc)" <IML-OpenBSD-misc@i405.com>
Date: Fri, 8 Dec 2000 14:27:24 -0800

I am experimenting with using Apache to view log files and ultimately allow
review and updates to ipf.rules.

For security purposes... I'm putting a dedicated interface in the machine
that is ONLY for network admin; it has a private IP address separate from
the gateway one.  This three-interface configuration also works in a bridge
configuration (I currently have two OpenBSD firewalls, one bridging, one
routing-with-NAT).

Has anyone devised web pages/scripts to interface with firewall
configuration?  Something that presents the ipf log files, basic statistics?

Am I safe starting httpd on the firewall box?  I've changed the httpd.conf
to set Listen parameter to only the "admin interface ip address".  Is there
anything else I should do to make sure I'm not opening holes?

Thanks.

  Stephen Gutknecht
  Renton, Washington

Prev by Date: Re: [Document Project] OpenBSD Documentation Explained.
Next by Date: Re: firewalls
Prev by thread: mod_bandwidth
Next by thread: mysql or BSD?
Index(es):
- Date
- Thread