Home / Unlabelled / CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations

CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations


Firewall Manager API Project

Installation

Follow these steps to set up and run the API project:

1. Clone the Repository

git clone https://github.com/adriyansyah-mf/CentralizedFirewallcd CentralizedFirewall

2. Edit the .env File

Update the environment variables in .env according to your configuration.

nano .env

3. Start the API with Docker Compose

docker compose up -d

This will start the API in detached mode.

4. Verify the API is Running

Check if the containers are up:

docker ps

Additional Commands

Stop the API

docker compose down

Restart the API

docker compose restart

Let me know if you need any modifications! đŸš€

How to setup for the first time and connect to firewall client

  1. Install Firewall Agent on your node server
  2. Run the agent with the following command
sudo dpkg -i firewall-client_deb.deb
  1. Create a New Group on the Firewall Manager
  2. Create New API Key on the Firewall Manager
  3. Edit the configuration file on the node server
nano /usr/local/bin/config.ini
  1. Add the following configuration
[settings]api_url = API-URLapi_key = API-KEYhostname = Node Hostname (make it unique and same as the hostname on the SIEM)
  1. Restart the firewall agent
systemctl daemon-reloadsystemctl start firewall-agent
  1. Check the status of the firewall agent
systemctl status firewall-agent
  1. You will see the connected node on the Firewall Manager

Default Credential

Username: adminPassword: admin

You can change the default credential on the setting page

How to Integration with SIEM

  1. Install the SIEM on your server
  2. Configure the SIEM to send the log to the Firewall Manager (You can do this via SOAR or SIEM configuration) The request should be POST with the following format
  3. The format of the log should be like this
curl -X 'POST' \  'http://api-server:8000/general/add-ip?ip=123.1.1.99&hostname=test&apikey=apikey&comment=log' \  -H 'accept: application/json' \  -d ''

You can see the swagger documentation on the following link

http://api-server:8000/docs

The .env detail configuration

DB=changemeJWT_SECRET=changemePASSWORD_SALT=changmePASSWORD_TOKEN_KEY=changmeOPENCTI_URL=changmeOPENCTI_TOKEN=changme

Sponsor This Project đŸ’–

If you find this project helpful, consider supporting me through GitHub Sponsors




Source: www.kitploit.com
CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations Reviewed by Zion3R on 6:15 AM Rating: 5

Tags