This program parses IP addresses from iftop or tcpdump output and checks them against an existing database of valid IP addresses, which you have to provide yourself, to validate the IPs connected to your network.
Currently this program is available for Unix only.
Think carefully about how you will use this software so that you do not lock out yourself or other valid users.
You should have a database of valid IPs from existing services that you trust. Any IPs that are not on that list but appear in the iftop or tcpdump scan are put on the list of IPs to blacklist. You can of course edit the list, compare it, or apply more logic before you apply the firewall updates.
- You will need GCC 4.9.2 or higher. If you use anything older you will have trouble with the regex libraries, and Boost will be required in that case. Regex was patched in 4.9.2 and will work out of the box.
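The comparison described above, as an added example that is not taken from IPParser's own source: it extracts IPv4 addresses from constructed `tcpdump -n` lines, rejects malformed octets, and returns the addresses missing from the trusted list. The in-memory `std::set` stands in for the MariaDB table, and the names `blacklist_candidates`, `valid_ipv4` and `kSampleCapture` are hypothetical.

```cpp
#include <iostream>
#include <regex>
#include <set>
#include <sstream>
#include <string>

// Constructed sample of `tcpdump -n` output (documentation address ranges only).
const std::string kSampleCapture =
    "12:00:01.123456 IP 192.0.2.10.51514 > 198.51.100.7.22: Flags [S], length 0\n"
    "12:00:02.654321 IP 203.0.113.45.40022 > 198.51.100.7.443: Flags [S], length 0\n";

// True if s is a dotted quad with every octet in 0..255.
static bool valid_ipv4(const std::string& s) {
    std::istringstream in(s);
    std::string part;
    int count = 0;
    while (std::getline(in, part, '.')) {
        if (part.empty() || part.size() > 3 || std::stoi(part) > 255) return false;
        ++count;
    }
    return count == 4;
}

// Return every valid IPv4 address seen in `capture` that is absent from `allowlist`.
// Assumption: the allowlist was already loaded from the trusted-IP database.
std::set<std::string> blacklist_candidates(const std::string& capture,
                                           const std::set<std::string>& allowlist) {
    // tcpdump -n prints "a.b.c.d.port"; the pattern stops after four octets,
    // so the trailing port is never taken as part of the address.
    static const std::regex ip_re(R"(\b(\d{1,3}(?:\.\d{1,3}){3}))");
    std::set<std::string> out;
    for (std::sregex_iterator it(capture.begin(), capture.end(), ip_re), end;
         it != end; ++it) {
        const std::string ip = (*it)[1].str();
        if (valid_ipv4(ip) && allowlist.count(ip) == 0) out.insert(ip);
    }
    return out;
}

int main() {
    const std::set<std::string> allowlist = {"192.0.2.10", "198.51.100.7"};
    // Print candidates for review; nothing is applied to the firewall here.
    for (const auto& ip : blacklist_candidates(kSampleCapture, allowlist))
        std::cout << ip << '\n';
    return 0;
}
```

Because the result is only a candidate list, an address that is missing from the trusted set (for example your own management host) shows up here before any firewall rule is written.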
- MariaDB C++ connector
- Standard C/C++ Development packages from Unix repos
- make
cd /(to where you extracted the code or pulled)
make
./IPParser
After you start the program, follow instructions in the terminal.