X-Git-Url: https://pwan.org/git/?p=pwan.org.git;a=blobdiff_plain;f=content%2Fideas%2Fbusboy.rst;fp=content%2Fideas%2Fbusboy.rst;h=3c8071d9f293d8ab09d6520ecf331401529a1898;hp=0000000000000000000000000000000000000000;hb=3f68a500fe717ba1a70ac17fa4fe8eea9bbb729e;hpb=dd55ce0638793dd8f348fe9bf679049ef34fff47 diff --git a/content/ideas/busboy.rst b/content/ideas/busboy.rst new file mode 100644 index 0000000..3c8071d --- /dev/null +++ b/content/ideas/busboy.rst @@ -0,0 +1,31 @@ +busboy +###### + +:date: 2014-05-08 +:tags: idea,project +:category: idea +:author: Jude N +:Status: draft + +ipbusboy is an iptables policy builder similar to audit2allow - it watches for IP traffic that is being dropped, and attempts to build a policy which would allow to be flow. +(ip)busboys clear (ip)tables. (Yeah it's a stretch...) + +Problem +- you don't want every port on your machine wide open +- you also want to make your policies as strict as possible +- getting the iptables syntax correct is a pain. + +Solution +- turn on logging of dropped packets +- attempt to do your activity currently getting blocked +- turn off logging of packets. +- Based on the dropped packets, build up a policy which would allow those packets to pass. + + - Allow incoming traffic from address XXX on port YYY through interface ZZZ + - Allow outgoing traffic to address AAA on port BBBB through interface CCC + - Add state settings ???? + +Next Steps +- Find my iptables book... +- Collect examples of blocked IP tables traffic +
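Review bot: In the Solution list, the step "Based on the dropped packets, build up a policy which would allow those packets to pass" has no filtering or review stage. Every packet dropped while logging is on would become a candidate allow rule, including unrelated traffic that arrived during the window and was dropped by design. I'd suggest adding a step that limits the candidates to the activity under test (for example by interface, address or port, which the sub-bullets already name) and presents the proposed rules for confirmation before they are applied. The "Add state settings ????" item could then say whether the generated rules are meant to match only new connections. Two smaller points. The intro calls the tool "ipbusboy" while the title is "busboy", and "would allow to be flow" is missing its object. Also, "Problem", "Solution" and "Next Steps" are followed directly by "- " lines with no blank line between, so reStructuredText will treat those lines as a continuation of the paragraph rather than as a bullet list.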