Zorp GPL
C++ Python C HTML M4 Shell Makefile
Pull request Compare This branch is 95 commits ahead, 1 commit behind kkovaacs:master.
Latest commit 1f3d40e May 30, 2016 @magwas magwas Merge pull request #7 from LocutusOfBorg/patch-1
Fix bad documentation about SSLV23 protocol
Failed to load latest commit information.
ci @ ea79cb7 travis: Moved CI related scripts to separate repository Oct 7, 2015
debian debian: Extended tar ignore with generated and VCS files Oct 7, 2015
doc Initial commit of version 6.0.7 Sep 24, 2015
lib Initial commit of version 6.0.7 Sep 24, 2015
libproxy Initial commit of version 6.0.7 Sep 24, 2015
m4 Initial commit of version 5.0.0 Mar 3, 2015
modules Initial commit of version 6.0.7 Sep 24, 2015
munin_plugins Initial commit of version 6.0.7 Sep 24, 2015
nagios_plugins Initial commit of version 6.0.7 Sep 24, 2015
pylib Fix bad documentation about SSLV23 protocol May 30, 2016
rpm rpm: Added spec file from RPM build. Oct 7, 2015
scripts Initial commit of version 6.0.7 Sep 24, 2015
tests Initial commit of version 6.0.7 Sep 24, 2015
zorp Initial commit of version 6.0.7 Sep 24, 2015
zorpctl Initial commit of version 6.0.7 Sep 24, 2015
zorpctl_in_cc Initial commit of version 6.0.7 Sep 24, 2015
.gitignore travis: Added Travis YML configuration file. Oct 7, 2015
.gitmodules travis: Moved CI related scripts to separate repository Oct 7, 2015
.travis.yml travis: Add Coverity-Scan support. Oct 7, 2015
AUTHORS Initial import of zorp_3.9.0.tar.gz Apr 27, 2011
BUGS Initial import of zorp_3.9.0.tar.gz Apr 27, 2011
COPYING Initial commit of version 6.0.7 Sep 24, 2015
Makefile.am Initial commit of version 5.0.0 Mar 3, 2015
README github: Added Travis and Coverity-Scan state icons Oct 7, 2015
README.md github: Added Travis and Coverity-Scan state icons Oct 7, 2015
VERSION Initial commit of version 6.0.7 Sep 24, 2015
WHATIS.TXT Initial import of zorp_3.9.0.tar.gz Apr 27, 2011
autogen.sh Initial commit of version 6.0.7 Sep 24, 2015
configure.ac Initial commit of version 6.0.7 Sep 24, 2015
dist.conf Initial commit of version 6.0.7 Sep 24, 2015
libzorp.pc.in Initial commit of version 5.0.0 Mar 3, 2015
libzorpproxy.pc.in Initial commit of version 3.9.6. Aug 5, 2013
moduledist.conf.in Initial commit of version 3.9.6. Aug 5, 2013

README.md

Travis Build Status Coverity Scan Build Status

This is Zorp, welcome.

Zorp is a new generation proxy firewall suite making it possible to finetune proxy decisions (with its built in script language), to fully analyze complex protocols (like SSH with several forwarded TCP connections), and to utilize outband authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Quickstarting Zorp

After installing zorp, you have to come up with a policy.py file, which may not be the easiest thing to do at first time.

A sample policy file is provided named /etc/zorp/policy.py.sample to be renamed to /etc/zorp/policy.py after local modifications are applied.

You will need to modify the zone declaration (the beginning of the file), to fit your network architecture. A zone in Zorp is a IP address range, and is the basis of access control. Each zone may define the services which is allowed to go into, and out of the zone.

As your policy file is in place, you'll need to add a new entry to your $prefix/etc/zorp/instances.conf file, like this:

excerpt from /etc/zorp/instances.conf

zorp_plug --policy /usr/local/etc/zorp/policy-plug.py

The first word is the instance name to start, and the rest are the parameters to add to the zorp command line.

If you are done, you can now try to start your first Zorp instance using zorpctl:

zorpctl start zorp_plug

if you leave the instance name empty, all instances are started.

Documentation

You can find the Zorp Tutorial in doc/zorp-tutorial.html which describes the GPLd version of Zorp, and a more comprehensive documentation for the commercial version which is available at

http://www.balabit.com/support/documentation/