[svlug] Web-based iptables management

Walt Reed svlug at linuxguy.com
Tue Jan 23 09:13:58 PST 2007


<Top-posting fixed>

On Tue, Jan 23, 2007 at 07:24:23AM -0800, Chris Miller said:
> On 1/23/07, Walt Reed <svlug at linuxguy.com> wrote:
> >I'm looking for a web-based iptables management tool...
> >
> >The only thing I have found so far, is a plugin for webmin - webmin is
> >Massive overkill, and I'm a little concerned about the security of it
> >anyway.
> >
> >Anyone familiar with other options?
> >
> >Background: I setup Ubuntu Dapper for a small school, and due to the
> >limitations of their network (managed router) I setup the server as a
> >(mostly) transparent bridge (it has an IP address.) The people who
> >operate it are somewhat technical (computer teachers that have taken a
> >"networking 101" class at the votech,) but don't know linux at all. The
> >machine is headless, so traditional GTK / QT based tools won't work.  I
> >chose Ubuntu over something like monowall because I'm most familiar with
> >debian, and the machine is also a Samba / web server / transparent squid
> >proxy. All the machines inside the network have real routable IP
> >addresses (/25 net.)

> You could make a small PHP script that could give you some
> ultra-ultra-ultra basic info.  I think that SSH remote administration
> is your best bet though.  I'm already waaaaaaay over my head (I've
> only played with SSH at home, thought it was awesome, and went from
> there).
 
I think you are missing the point, which is that I'm trying to avoid
command-line management. These teachers are stressed enough just
managing what they have. Training them on SSH clients, Unix text
editors, IPTables management and operation with all the command-line
goodness is way beyond what I can expect them to be able to handle. I
really need to give them a web interface similar (in complexity) to a
Linksys router. 

Worst case scenario, I write one myself (trying to avoid that if
possible.)





More information about the svlug mailing list