#1 2009-10-28 00:34:41
為 UTM 而生的韌體 - PacketProtector
PacketProtector 是一支由 OpenWrt 延伸而來的分支韌體計畫,這計畫的目的就是整合多套 open source ,包括:Snort-inline(IDS/IPS), OpenVPN(VPN), DansGuardian(Content Filtering) and ClamAV(AntiVirus) 等資安工具軟體,把家用無線路由器打造成具備 UTM 功能的神兵利器。
* a stateful firewall (iptables)
* WPA/WPA2 Enterprise wireless (802.1X and PEAP with FreeRADIUS)
* intrusion prevention (Snort-inline)
* intrusion detection (Snort)
* remote access VPN (OpenVPN)
* content filtering/parental controls (Dansguardian)
* web antivirus (DG + ClamAV)
* a local certificate authority (OpenSSL)
* secure management interfaces (SSH and HTTPS)
* advanced firewall scripts for blocking IM and P2P apps
* IP spoofing prevention (Linux rp_filter)
* basic protocol anomaly detection (ipt_unclean)
目前已知支援的機種(須具備USB、32MB):
網址: http://packetprotector.org/
Wiki: http://en.wikipedia.org/wiki/PacketProtector
PacketProtector 與其他商業資安方案比較表
底下是參考畫面:
技術問題請於論壇上集眾人之力公開討論,感恩
離線
#4 2011-01-26 00:53:16
Re: 為 UTM 而生的韌體 - PacketProtector
編譯環境: Debian 5.0.8
1. 下載, 參閱說明
$ svn co https://packetprotector.org/repos/buildroot_4.x/trunk buildroot_4.x
$ most buildroot_4.x/buildroot_instructions.txt
2. OpenWrt buildroot
$ svn co svn://svn.openwrt.org/openwrt/trunk buildroot
3. X-Wrt webif
$ cd buildroot/package
$ svn co http://x-wrt.googlecode.com/svn/trunk/package/webif webif
4. patch
$ cd ..
$ patch -p1 < ../buildroot_4.x/PacketProtector_mipsel.patch
5. 修改權限, 更換favicon.ico
$ cp ../buildroot_4.x/PacketProtector_mipsel.sh .
$ ./PacketProtector_mipsel.sh
$ rm PacketProtector_mipsel.sh
6. 編譯
$ make V=99
7. 結果, 核心 2.6: packetprotector-brcm-4.0.trx
$ ll bin/brcm47xx/
total 115404
-rw-r--r-- 1 abel abel 1503 2011-01-26 00:22 md5sums
-rw-r--r-- 1 abel abel 3805184 2011-01-26 00:22 openwrt-brcm47xx-squashfs.trx
-rw-r--r-- 1 abel abel 3805196 2011-01-26 00:22 openwrt-ps1208mfg-squashfs.bin
-rw-r--r-- 1 abel abel 30306061 2011-01-26 00:23 OpenWrt-SDK-brcm47xx-for-Linux-i686-gcc-4.3.3+cs_uClibc-0.9.31.tar.bz2
-rw-r--r-- 1 abel abel 3805212 2011-01-26 00:22 openwrt-usr5461-squashfs.bin
-rw-r--r-- 1 abel abel 3805192 2011-01-26 00:22 openwrt-wa840g-squashfs.bin
-rw-r--r-- 1 abel abel 3805192 2011-01-26 00:22 openwrt-we800g-squashfs.bin
-rw-r--r-- 1 abel abel 3936256 2011-01-26 00:22 openwrt-wgt634u-squashfs.bin
-rw-r--r-- 1 abel abel 3805242 2011-01-26 00:22 openwrt-wnr834b_v2-squashfs.chk
-rw-r--r-- 1 abel abel 3805192 2011-01-26 00:22 openwrt-wr850g-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt150n-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt300n_v11-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt300n_v1-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt350n_v1-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt54g3g-em-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt54g3g-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt54g3gv2-vf-squashfs.bin
-rw-r--r-- 1 abel abel 3805184 2011-01-26 00:22 openwrt-wrt54g3gv2-vf-squashfs.noheader.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt54g-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt54gs-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrt54gs_v4-squashfs.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 openwrt-wrtsl54gs-squashfs.bin
drwxr-xr-x 2 abel abel 4096 2011-01-26 00:23 packages/
-rw-r--r-- 1 abel abel 3805184 2011-01-26 00:22 packetprotector-brcm-4.0.trx
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 packetprotector-wrt350n_v1-4.0.bin
-rw-r--r-- 1 abel abel 3805216 2011-01-26 00:22 packetprotector-wrtsl54gs-4.0.bin
離線