How To Install fwsnort on Fedora 34

fwsnort is Translates Snort rules into equivalent iptables rules

Introduction

In this tutorial we learn how to install fwsnort on Fedora 34.

What is `fwsnort`

fwsnort translates Snort rules into equivalent iptables rules and generates a Bourne shell script that implements the resulting iptables commands. In addition, fwsnort (optionally) uses the IPTables iptables ruleset on the machine to determine which Snort rules are applicable to the specific iptables policy. fwsnort is able to translate approximately 60% of all rules from the Snort-2.3.3 IDS into equivalent iptables rules.

We can use yum or dnf to install fwsnort on Fedora 34. In this tutorial we discuss both methods but you only need to choose one of method to install fwsnort.

Install fwsnort on Fedora 34 Using dnf

Update yum database with dnf using the following command.

sudo dnf makecache --refresh

The output should look something like this:

Fedora 34 - x86_64                               20 kB/s | 6.6 kB     00:00
Fedora 34 openh264 (From Cisco) - x86_64        1.4 kB/s | 989  B     00:00
Fedora Modular 34 - x86_64                       68 kB/s | 6.5 kB     00:00
Fedora 34 - x86_64 - Updates                    3.5 kB/s | 6.2 kB     00:01
Fedora Modular 34 - x86_64 - Updates             17 kB/s | 5.9 kB     00:00
Metadata cache created.

After updating yum database, We can install fwsnort using dnf by running the following command:

sudo dnf -y install fwsnort

Install fwsnort on Fedora 34 Using yum

Update yum database with yum using the following command.

sudo yum makecache --refresh

The output should look something like this:

Fedora 34 - x86_64                               20 kB/s | 6.6 kB     00:00
Fedora 34 openh264 (From Cisco) - x86_64        1.4 kB/s | 989  B     00:00
Fedora Modular 34 - x86_64                       68 kB/s | 6.5 kB     00:00
Fedora 34 - x86_64 - Updates                    3.5 kB/s | 6.2 kB     00:01
Fedora Modular 34 - x86_64 - Updates             17 kB/s | 5.9 kB     00:00
Metadata cache created.

After updating yum database, We can install fwsnort using yum by running the following command:

sudo yum -y install fwsnort

How To Uninstall fwsnort on Fedora 34

To uninstall only the fwsnort package we can use the following command:

sudo dnf remove fwsnort

fwsnort Package Contents on Fedora 34

/etc/fwsnort
/etc/fwsnort/fwsnort.conf
/etc/fwsnort/snort_rules
/etc/fwsnort/snort_rules/attack-responses.rules
/etc/fwsnort/snort_rules/backdoor.rules
/etc/fwsnort/snort_rules/bad-traffic.rules
/etc/fwsnort/snort_rules/chat.rules
/etc/fwsnort/snort_rules/ddos.rules
/etc/fwsnort/snort_rules/deleted.rules
/etc/fwsnort/snort_rules/dns.rules
/etc/fwsnort/snort_rules/dos.rules
/etc/fwsnort/snort_rules/emerging-all.rules
/etc/fwsnort/snort_rules/experimental.rules
/etc/fwsnort/snort_rules/exploit.rules
/etc/fwsnort/snort_rules/finger.rules
/etc/fwsnort/snort_rules/ftp.rules
/etc/fwsnort/snort_rules/icmp-info.rules
/etc/fwsnort/snort_rules/icmp.rules
/etc/fwsnort/snort_rules/imap.rules
/etc/fwsnort/snort_rules/info.rules
/etc/fwsnort/snort_rules/local.rules
/etc/fwsnort/snort_rules/misc.rules
/etc/fwsnort/snort_rules/multimedia.rules
/etc/fwsnort/snort_rules/mysql.rules
/etc/fwsnort/snort_rules/netbios.rules
/etc/fwsnort/snort_rules/nntp.rules
/etc/fwsnort/snort_rules/oracle.rules
/etc/fwsnort/snort_rules/other-ids.rules
/etc/fwsnort/snort_rules/p2p.rules
/etc/fwsnort/snort_rules/policy.rules
/etc/fwsnort/snort_rules/pop2.rules
/etc/fwsnort/snort_rules/pop3.rules
/etc/fwsnort/snort_rules/porn.rules
/etc/fwsnort/snort_rules/rpc.rules
/etc/fwsnort/snort_rules/rservices.rules
/etc/fwsnort/snort_rules/scan.rules
/etc/fwsnort/snort_rules/shellcode.rules
/etc/fwsnort/snort_rules/smtp.rules
/etc/fwsnort/snort_rules/snmp.rules
/etc/fwsnort/snort_rules/sql.rules
/etc/fwsnort/snort_rules/telnet.rules
/etc/fwsnort/snort_rules/tftp.rules
/etc/fwsnort/snort_rules/virus.rules
/etc/fwsnort/snort_rules/web-attacks.rules
/etc/fwsnort/snort_rules/web-cgi.rules
/etc/fwsnort/snort_rules/web-client.rules
/etc/fwsnort/snort_rules/web-coldfusion.rules
/etc/fwsnort/snort_rules/web-frontpage.rules
/etc/fwsnort/snort_rules/web-iis.rules
/etc/fwsnort/snort_rules/web-misc.rules
/etc/fwsnort/snort_rules/web-php.rules
/etc/fwsnort/snort_rules/x11.rules
/etc/logrotate.d/fwsnort
/usr/sbin/fwsnort
/usr/share/doc/fwsnort
/usr/share/doc/fwsnort/CREDITS
/usr/share/doc/fwsnort/LICENSE
/usr/share/doc/fwsnort/README
/usr/share/doc/fwsnort/SNORT-RULES-VERSION
/usr/share/doc/fwsnort/TODO
/usr/share/doc/fwsnort/VERSION
/usr/share/man/man8/fwsnort.8.gz
/var/log/fwsnort

References

fwsnort website

Summary

In this tutorial we learn how to install fwsnort on Fedora 34 using yum and dnf.