CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations

By: Unknown

Firewall Manager API Project

Installation

Follow these steps to set up and run the API project:

1. Clone the Repository

git clone https://github.com/adriyansyah-mf/CentralizedFirewall
cd CentralizedFirewall

2. Edit the `.env` File

Update the environment variables in .env according to your configuration.

nano .env

3. Start the API with Docker Compose

docker compose up -d

This will start the API in detached mode.

4. Verify the API is Running

Check if the containers are up:

docker ps

Additional Commands

Stop the API

docker compose down

Restart the API

docker compose restart

Let me know if you need any modifications! 🚀

How to setup for the first time and connect to firewall client

Install Firewall Agent on your node server
Run the agent with the following command

sudo dpkg -i firewall-client_deb.deb

Create a New Group on the Firewall Manager
Create New API Key on the Firewall Manager
Edit the configuration file on the node server

nano /usr/local/bin/config.ini

Add the following configuration

[settings]
api_url = API-URL
api_key = API-KEY
hostname = Node Hostname (make it unique and same as the hostname on the SIEM)

Restart the firewall agent

systemctl daemon-reload
systemctl start firewall-agent

Check the status of the firewall agent

systemctl status firewall-agent

You will see the connected node on the Firewall Manager

Default Credential

Username: admin
Password: admin

You can change the default credential on the setting page

How to Integration with SIEM

Install the SIEM on your server
Configure the SIEM to send the log to the Firewall Manager (You can do this via SOAR or SIEM configuration) The request should be POST with the following format
The format of the log should be like this

curl -X 'POST' \
  'http://api-server:8000/general/add-ip?ip=123.1.1.99&hostname=test&apikey=apikey&comment=log' \
  -H 'accept: application/json' \
  -d ''

You can see the swagger documentation on the following link

http://api-server:8000/docs

The .env detail configuration

DB=changeme
JWT_SECRET=changeme
PASSWORD_SALT=changme
PASSWORD_TOKEN_KEY=changme
OPENCTI_URL=changme
OPENCTI_TOKEN=changme

Sponsor This Project 💖

If you find this project helpful, consider supporting me through GitHub Sponsors

Download CentralizedFirewall

FreshRSS

CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations

Firewall Manager API Project

Installation

1. Clone the Repository

2. Edit the `.env` File

3. Start the API with Docker Compose

4. Verify the API is Running

Additional Commands

Stop the API

Restart the API

How to setup for the first time and connect to firewall client

Default Credential

How to Integration with SIEM

The .env detail configuration

Sponsor This Project 💖

Serious Security: MD5 considered harmful – to the tune of $600,000

FreshRSS

CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations

Firewall Manager API Project

Installation

1. Clone the Repository

2. Edit the .env File

3. Start the API with Docker Compose

4. Verify the API is Running

Additional Commands

Stop the API

Restart the API

How to setup for the first time and connect to firewall client

Default Credential

How to Integration with SIEM

The .env detail configuration

Sponsor This Project 💖

Serious Security: MD5 considered harmful – to the tune of $600,000

2. Edit the `.env` File