Skip to main content

Illuminate firewall agent

 

The Illuminate solution provides advanced traffic analytics for Fusion SD-WAN. These analytics can used to block or steer traffic. This is an example to block bittorrent. 

sudo apt-get install git autogen libtool build-essential
git clone https://gitlab.com/netify.ai/public/netify-fwa.git
cd netify-fwa
./autogen.sh
./configure
sudo make install
sudo service netify-fwa stop
mkdir /var/run/netify-fwa
mkdir /usr/local/var
mkdir /usr/local/var/run
mkdir /usr/local/var/run/netify-fwa
nano /etc/netifyd.conf

# Add to end of file
[socket]
listen_path[0] = /var/run/netifyd/netifyd.sock

service netifyd restart
cd /usr/local/sbin
netify-fwa -d
nano /usr/local/etc/netify-fwa/netify-fwa.ini

# Modify
interfaces-external = eth1
interfaces-internal = br0

nano /usr/local/etc/netify-fwa/netify-fwa.json

{
  "version": "1.0",
  "rules": [
        {
            "type": "block",
            "protocol": "bittorrent"
        }
],
  "whitelist": []
}

nano /lib/systemd/system/netify-fwa.service

PIDFile=/var/run/netify-fwa/netify-fwa.pid
RestartSec=9

service netify-fwa start
service netify-fwa status
This article was originally published over on LinkedIn: Illuminate firewall agent
Labels:

Comments

Post a Comment

Popular posts from this blog

LDWin: Link Discovery for Windows

LDWin supports the following methods of link discovery: CDP - Cisco Discovery Protocol LLDP - Link Layer Discovery Protocol Download LDWin from here.
Post a Comment
Read more

Battery Room Explosion

A hydrogen explosion occurred in an Uninterruptible Power Source (UPS) battery room. The explosion blew a 400 ft2 hole in the roof, collapsed numerous walls and ceilings throughout the building, and significantly damaged a large portion of the 50,000 ft2 building. Fortunately, the computer/data center was vacant at the time and there were no injuries. Read more about the explosion over at hydrogen tools here .
Post a Comment
Read more

STG (SNMP Traffic Grapher)

This freeware utility allows monitoring of supporting SNMPv1 and SNMPv2c devices including Cisco. Intended as fast aid for network administrators who need prompt access to current information about state of network equipment. Access STG here (original site) or alternatively here .
Post a Comment
Read more