--- /dev/null
+busboy
+######
+
+:date: 2014-05-08
+:tags: idea,project
+:category: idea
+:author: Jude N
+:Status: draft
+
+ipbusboy is an iptables policy builder similar to audit2allow - it watches for IP traffic that is being dropped, and attempts to build a policy which would allow to be flow.
+(ip)busboys clear (ip)tables. (Yeah it's a stretch...)
+
+Problem
+- you don't want every port on your machine wide open
+- you also want to make your policies as strict as possible
+- getting the iptables syntax correct is a pain.
+
+Solution
+- turn on logging of dropped packets
+- attempt to do your activity currently getting blocked
+- turn off logging of packets.
+- Based on the dropped packets, build up a policy which would allow those packets to pass.
+
+ - Allow incoming traffic from address XXX on port YYY through interface ZZZ
+ - Allow outgoing traffic to address AAA on port BBBB through interface CCC
+ - Add state settings ????
+
+Next Steps
+- Find my iptables book...
+- Collect examples of blocked IP tables traffic
+