A firewall that leverage AMQP workqueue ! Build by iresam for iresam !
A simply logic, configuration based, distributable and reliable extended-firewall.
Saruman is a extended firewall (meaning firewall + dns + dhcp +intruision detection + reverse proxy) build by a former Iresam. It targets I-Resam need’s first but should be enough flexible to be used elsewhere.
It still unstable and yet brings not that much. Try at your own risks.
Most important Urls
- The full documentation is at saruman.readthedocs.org
- We are on Pypi so we’re only an pip install saruman away from installation on your computer.
- The code is at github.com/tychota/saruman.
And… we’re automatically being tested by Scrutinizer !
- Saruman does require Python 3, and if possible the newest version (Python3.5 for now)
- It does require an Celery broker : take RabbitMQ, it is good, fast and reliable.
- It does only works on a recent linux machine : it requires nftables and iproute2 so a linux 4+ kernel would be a necessity.
Saruman gives you three commands to manage the worker and one to run your firewall. Worker’s commands must be run in root since they manage main parts of your system. Firewall’s one doesn’t need this. The commands are:
- saruman workers enable: start the celery workers on the machine.
- saruman workers disable: start the celery workers on the machine.
- saruman workers reload: restart the celery workers on the machine.
- saruman firewall start: start the firewall
AMQP json-rpc api
Changelog for Saruman
- big modifications of the documentation structure
- fixing badges and coverage in testing
- testing works
- fixing a lot of nasty issues
- adding sphinx documentation
- adding CI coverage
- fixing nasty unpack in modprobe.py
- fixing some typo.
- remove download urls as we use sdist
- add zest.release to perform check on release an better automation
- add some yaml config files