Welcome to the Yaffl homepage.
The 1.2.x version consists of one iptables script and one Perl script (IPFREEZE) that manages automatic blacklisting (see http://diplojuge.hosting.ipsyn.com/ipfreeze/).
The iptables script manages the insertion of rules into the running kernel and launches ipfreeze.pl. This Perl script listens on the netlink device for packets that are passed to it by the firewall (QUEUE target). When a packet is sent, ipfreeze gets the source IP and inserts a new rule in the firewall that will destroy every packet coming from that IP. This rule is automatically removed after a user-definable period (usually 10 or 20 minutes).
With this system, Yaffl offers features such as:
- Protection from floods (like SYN or ping floods)
- Basic anti-nmap port detection
- Whitelist and permanent blacklist
- Forbidden ports (why should someone connect to the telnet port of a firewall, hmm?)
- Masquerading and DNAT to share your internet access.
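
The temporary blacklisting described above, modelled as an added example (not code from Yaffl or ipfreeze.pl): a freeze table that honours a whitelist, emits one blocking rule per offending source and the matching delete once the period has passed. The INPUT chain, the DROP target, the timer restart on repeat offenders and the sample addresses are assumptions of this sketch; commands are returned as argument lists and not executed.

```python
import ipaddress


class FreezeTable:
    """Temporary blacklist: one blocking rule per source, removed after ttl."""

    def __init__(self, ttl_seconds=600, whitelist=(), chain="INPUT"):
        self.ttl = ttl_seconds
        self.chain = chain  # assumed chain name, not taken from Yaffl
        self.whitelist = [ipaddress.IPv4Network(n) for n in whitelist]
        self.frozen = {}  # IPv4Address -> expiry timestamp (seconds)

    def _rule(self, action, ip):
        # argv list, never a shell string, so the address cannot inject options
        return ["iptables", action, self.chain, "-s", str(ip), "-j", "DROP"]

    def on_queued_packet(self, src, now):
        """Handle one packet handed over by the firewall; return commands to run."""
        ip = ipaddress.IPv4Address(src)  # ValueError on anything but an IPv4 address
        if any(ip in net for net in self.whitelist):
            return []  # whitelisted sources are never frozen
        already_frozen = ip in self.frozen
        self.frozen[ip] = now + self.ttl  # assumption: repeat offenders restart the timer
        return [] if already_frozen else [self._rule("-I", ip)]

    def expire(self, now):
        """Return the delete commands for every rule whose period has passed."""
        due = sorted(ip for ip, expiry in self.frozen.items() if expiry <= now)
        for ip in due:
            del self.frozen[ip]
        return [self._rule("-D", ip) for ip in due]


def demo():
    # Constructed events: (source address, arrival time in seconds)
    table = FreezeTable(ttl_seconds=600, whitelist=["192.0.2.0/24"])
    commands = []
    commands += table.on_queued_packet("198.51.100.7", now=0)    # frozen
    commands += table.on_queued_packet("198.51.100.7", now=100)  # no duplicate rule
    commands += table.on_queued_packet("192.0.2.10", now=100)    # whitelisted
    commands += table.expire(now=600)  # timer was restarted at 100, nothing due
    commands += table.expire(now=700)  # rule removed
    return [" ".join(c) for c in commands]


if __name__ == "__main__":
    print("\n".join(demo()))
```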
These iptables scripts are intended to be used on GNU/Linux systems that are always connected to the internet or to protect small simple networks. I started to write this for my personal purposes. I do not pretend it will give you maximum security but I have been using it for more than one year and I am very happy with it.
A French site is available at http://www.coolkeums.org/yaffl
An automatic firewall configurator is available at http://www.coolkeums.org/yaffl/configure.php