I have built an Intrusion Detection System in JAVA. I have a web interface which shows a black listed IP. IP's are categorized as Web attcks, SIP attacks, SSH attacks, Probing and Malware. Now I am required to block this IP which falls in any of these categories. Is there a way to do it in java , by interacting with firewall? All wincap lib or wrappers dont work in inline mode so any way to do it ?
Asked
Active
Viewed 686 times
1
-
Well, what firewall? You haven't specified. – EEAA Nov 09 '16 at 10:35
-
Am sorry for that ! It can be windows firewall , I just to need to complete this project so any firewall related will do the trick... – Hafiz Athar Nov 09 '16 at 13:01
1 Answers
0
If it's a windows firewall you can use java to send powershell firewall configuration commands to it.
Example: permit ICMP both internally and externally:
Import-Module NetSecurity
New-NetFirewallRule -Name Allow_Ping -DisplayName “Allow Ping”`
-Description “Packet Internet Groper ICMPv4” `
-Protocol ICMPv4 -IcmpType 8 -Enabled True -Profile Any -Action Allow
You save the code as a .ps1 and call it from within java just like trying to run any .exe.
Overmind
- 2,970
- 2
- 15
- 24
-
Thanks for replying , would u elaborate it a bit ? Or give me any link ! – Hafiz Athar Nov 09 '16 at 13:33
-
I have added an example that allows ping through FW. You'll have to document yourself a little on powershell (check Technet) but once you have the basics, you can make powershell files for any firewall exception command you may want to add. – Overmind Nov 11 '16 at 09:29