Quick Deployment:Uranus
Best firewalld UI
If you think the project fits your usage scenario, please give me a 🌟🌟🌟!!!
Uranus Gateway
The mission of Uranus is to transform iptables into a tool with similar security group of aliyun.
Uranus Gateway It is a web UI and openAPI for distributed management of iptables rules on linux machines. is based-firewalld, which converts all dbus API translate to rest api , essentially for unified management of all machines in the The iptables rules of enterprise hosts, make the manipulation unified and standardized, no longer have to worry about operational errors, no longer have to worry about difficult management.
Project Show
Architecture
Instantly view firewall status and rollback restart operations
You can also add all firewalld rules on Uranus
It also supports the NAT function of iptables, which can be turned on and off with one click
And supports rich rules, such as traffic speed limit, network auditing, etc.
auto discovery
template management
Of course, the most important thing is not the function of the firewalld base itself
Special feature
- Support for delayed tasks:For example, if the Internet is banned during the Golden Week holiday(China biggest holiday), then the effective period of the rule is 10-1 0:0:00 ~ 10-8 0:0:00, and there is no need to operate on October 1. You can set it to take effect on October 1 before leaving get off work can
- Support automatic discovery:Similar to zabbix host automatic discovery function
- No need to deploy additional agent side:Because firewalld is a function provided by common Linux distributions, such as centos 7 8 9, debian 10 11, ubuntu20 22 and other distributions can be installed with one click, then this system does not need to install any additional agent
- zone is converted to a template: firewalld has the concept of zone, here I abstract the zone into a template, that is, by applying the template, a group of templates can be generated and applied in batches for a large number of hosts, so as to realize the dynamic switching of the firewall
- SSO/UUAP: Support openldap as the backend, providing one-click authentication for enterprises
- Timing takes effect: Both iptables and firewalld bases provide rules to take effect at regular intervals, so you can use this rule to complete scheduled tasks
- docker/kubernetes deployment: Can be quickly deployed on any end for management
- declarative task: Can support a large number of rules issued, provided that your host is online
- Modular start: You can choose the function you want to start
- asynchronous task: Declarative API that supports a large number of asynchronous operations
Let’s explore more functions quickly. In essence, Uranus does not recommend UI processing, because the functions are relatively simple, so using API can be better embedded in your management system
For more deployment problems, you can directly raise issue
future
Do you hope to manage in a distributed mode or a single node mode to support more security policies in the future? For example ban ip, anti-ddos and the like
Top comments (0)