Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
# Flint -- a firewall rule analyzer ## Supported firewalls: At the moment Flint only works with Cisco PIX/ASA. Support for Cisco IOS, BSD PF, and Linux IPTables is in the works. Please let us know which platforms you are interested in. ## Installing the FlintVM The FlintVM is a VMWare image based on Ubuntu JeOS 8.04 (Hardy Heron) image provided by Joao Inacio <jcinacio at gmail dot com> and available at: <http://www.jcinacio.com/projects/vmware-ubuntujeos-804/> It will configure it's network using DHCP. Check the VM console for the address it was assigned. Flint starts up listing on port 4567. So you can access it at <http://<ip of vm>:4567 ### Virtual Machine Login Details: username: flint password: flint Please login and change the flint user's password immediately. ## Installing from Source You will need a development environment. On Mac OSX that means XCode. On Ubuntu/Debian Linux is would be that `build-essentials` and `libc6-dev` packages. You will also need Ruby, along with the usual tools, rake and gem. To install all required gemsand supporting software: rake install To start the web interface: rake app This will start a Sinatra server listening on port http://localhost:4567. Point your browser at that. ## Running Flint The default user is: admin/admin77 ## Developers You will need the rspec, racc, and rdoc gems. You can use `bundle install` to pull in those gems. Assuming you want to hack on the lexers, Ragel is available at: http://www.complang.org/ragel ## Project Layout * `lib` Ruby code for the Flint module, as well as the support modules for specific firewall types. * `app` The sinatra app which provides an interface to Flint. * `checks` Contains all of firewall rule checks that Flint uses. Each firewall has it's own subdir for example: checks/<firewall>/*.ftg Rule checks are defined in Flint Test Group files, each one defines a specific test group, and it's associated checks. The `checks/test` subdir contains a set of dummy tests which exercise the UI and the Flint test result classes. * spec RSpec tests for Flint. * vendor Third party code that we depend upon.