bluewall 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/README.md +109 -0
- data/bin/bluewall +21 -0
- data/lib/bluewall.rb +1400 -0
- metadata +78 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 31fa2361759c4cd5c62264b8b88a12fa0ef71306ac6956ed36b65d16347b19b6
|
|
4
|
+
data.tar.gz: ddc6682e93b8fc894a7c5f2ec7c5fc9df4845753e43c3e0c984d1026602db753
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 8f347cc0bc985caf6a84d9c319aa7358f693e1d548333b6eb88e5dd9d064ddd38f5657c6f812d9c426c36b5e6707fa1ec7e97de67a5dce7c25d352b4102d3309
|
|
7
|
+
data.tar.gz: be060c5ad354ac40f0bee76cb8604023340f74e8333e2f3dcc92f79d515027c6f009cd38f2fb1a8d2192c71b56a8c1c82ff8fd8e124ae7dff978b52068154bd3
|
data/README.md
ADDED
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
# ๐ BlueWall โ Firewall Auditor
|
|
2
|
+
|
|
3
|
+
[](https://badge.fury.io/rb/bluewall)
|
|
4
|
+
[](https://www.gnu.org/licenses/gpl-3.0)
|
|
5
|
+
[](https://www.ruby-lang.org)
|
|
6
|
+
|
|
7
|
+
BlueWall is a firewall auditing tool for **pfSense** and **OPNsense** configurations.
|
|
8
|
+
It parses XML exports, identifies strengths and weaknesses, simulates attack scenarios, and provides compliance scoring against frameworks like **NIST CSF, CIS Controls, ISO 27001, PCI DSS, SOC 2, and COBIT 2019**.
|
|
9
|
+
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
## โจ Features
|
|
13
|
+
|
|
14
|
+
* โ
Parse **pfSense/OPNsense XML configs** (rules, NAT, aliases, schedules).
|
|
15
|
+
* โ
Detect **firewall strengths & weaknesses**.
|
|
16
|
+
* โ
Simulate **attack & exfiltration scenarios** (e.g., brute force, reverse shell).
|
|
17
|
+
* โ
Generate a **security score (1โ10)** with details.
|
|
18
|
+
* โ
Map findings to **major security frameworks**.
|
|
19
|
+
* โ
Export **interactive HTML reports** with graphs & charts.
|
|
20
|
+
|
|
21
|
+
---
|
|
22
|
+
|
|
23
|
+
## ๐ฆ Installation
|
|
24
|
+
|
|
25
|
+
### From RubyGems
|
|
26
|
+
|
|
27
|
+
```bash
|
|
28
|
+
gem install bluewall
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
### From Source
|
|
32
|
+
|
|
33
|
+
```bash
|
|
34
|
+
git clone https://github.com/yourusername/bluewall.git
|
|
35
|
+
cd bluewall
|
|
36
|
+
bundle install
|
|
37
|
+
```
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## ๐ Usage
|
|
42
|
+
|
|
43
|
+
Export your firewall configuration (`config.xml`) from pfSense/OPNsense, then run:
|
|
44
|
+
|
|
45
|
+
```bash
|
|
46
|
+
bluewall config.xml
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
Youโll get:
|
|
50
|
+
|
|
51
|
+
* Console summary (strengths, weaknesses, score).
|
|
52
|
+
* Optional detailed compliance breakdown.
|
|
53
|
+
* Optional interactive **HTML report**.
|
|
54
|
+
|
|
55
|
+
---
|
|
56
|
+
|
|
57
|
+
## ๐ Example Output
|
|
58
|
+
|
|
59
|
+
```
|
|
60
|
+
โโโโโโโ โโโ โโโ โโโโโโโโโโโโโโ โโโ โโโโโโ โโโ โโโ
|
|
61
|
+
โโโโโโโโโโโ โโโ โโโโโโโโโโโโโโ โโโโโโโโโโโโโโ โโโ
|
|
62
|
+
โโโโโโโโโโโ โโโ โโโโโโโโโ โโโ โโ โโโโโโโโโโโโโโ โโโ
|
|
63
|
+
โโโโโโโโโโโ โโโ โโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโ โโโ
|
|
64
|
+
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโ
|
|
65
|
+
โโโโโโโ โโโโโโโโ โโโโโโโ โโโโโโโโ โโโโโโโโ โโโ โโโโโโโโโโโโโโโโโโโ
|
|
66
|
+
created by :cillia
|
|
67
|
+
|
|
68
|
+
--- BlueWall Audit Report ---
|
|
69
|
+
Firewall Type: PFSENSE_LIKE
|
|
70
|
+
Strengths:
|
|
71
|
+
- Explicit 'DENY all' inbound rule on WAN detected
|
|
72
|
+
Weaknesses:
|
|
73
|
+
- Rule allows SSH from any source on WAN (**Critical risk!**)
|
|
74
|
+
Overall Security Score (1โ10): 5.4
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
---
|
|
78
|
+
|
|
79
|
+
## ๐ฏ Compliance Mapping
|
|
80
|
+
|
|
81
|
+
BlueWall maps findings against:
|
|
82
|
+
|
|
83
|
+
* **NIST Cybersecurity Framework (CSF)**
|
|
84
|
+
* **CIS Controls**
|
|
85
|
+
* **ISO/IEC 27001**
|
|
86
|
+
* **PCI DSS**
|
|
87
|
+
* **SOC 2**
|
|
88
|
+
* **COBIT 2019**
|
|
89
|
+
|
|
90
|
+
---
|
|
91
|
+
## ๐ฃ๏ธ Roadmap & Future Features
|
|
92
|
+
|
|
93
|
+
* **๐ Live Firewall API Support โ direct audits via pfSense/OPNsense API.**
|
|
94
|
+
* **๐ก SIEM / Log Integration โ export to Splunk, ELK, Graylog.**
|
|
95
|
+
* **๐งช Custom Attack Profiles โ extend simulations with YAML/JSON configs.**
|
|
96
|
+
* **๐ JSON/Markdown Reports โ lightweight and developer-friendly outputs.**
|
|
97
|
+
* **๐ Web Dashboard โ interactive UI for reports and history.**
|
|
98
|
+
* **๐ More Frameworks โ add HIPAA, GDPR, FedRAMP mappings.**
|
|
99
|
+
* **๐ Asset-aware Risk Scoring โ weight rules by criticality.**
|
|
100
|
+
* **๐งฉ Plugin System โ allow custom rules & attack modules.**
|
|
101
|
+
|
|
102
|
+
---
|
|
103
|
+
|
|
104
|
+
## ๐ License
|
|
105
|
+
|
|
106
|
+
This project is licensed under the **GNU GPL v3.0** โ see [LICENSE](LICENSE) for details.
|
|
107
|
+
|
|
108
|
+
---
|
|
109
|
+
|
data/bin/bluewall
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
# Add the lib directory to the load path
|
|
4
|
+
lib_path = File.expand_path('../../lib', __FILE__)
|
|
5
|
+
$LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path)
|
|
6
|
+
|
|
7
|
+
require 'bluewall'
|
|
8
|
+
|
|
9
|
+
# Main Execution (this part was already in your script)
|
|
10
|
+
if ARGV.empty?
|
|
11
|
+
puts "Usage: bluewall <config.xml>"
|
|
12
|
+
exit(1)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
config_file = ARGV[0]
|
|
16
|
+
auditor = BlueWall.new
|
|
17
|
+
audit_result = auditor.conduct_audit(config_file)
|
|
18
|
+
|
|
19
|
+
# Output the result (the script already handles this)
|
|
20
|
+
puts audit_result.to_s.split("--- BlueWall Audit Report ---").first
|
|
21
|
+
# ... rest of the output and interaction will follow as in the original script
|