All Projects → fnzv → Net Shield

fnzv / Net Shield

Licence: mit
An Easy and Simple Anti-DDoS solution for VPS,Dedicated Servers and IoT devices - Beta

Programming Languages

go
31211 projects - #10 most used programming language

Projects that are alternatives of or similar to Net Shield

Core
OPNsense GUI, API and systems backend
Stars: ✭ 1,827 (+804.46%)
Mutual labels:  proxy, firewall
Afwall
AFWall+ (Android Firewall +) - iptables based firewall for Android
Stars: ✭ 2,024 (+901.98%)
Mutual labels:  iptables, firewall
Gitwebhookproxy
A proxy to let webhooks reach running services behind a firewall – [✩Star] if you're using it!
Stars: ✭ 123 (-39.11%)
Mutual labels:  proxy, firewall
Country Ip Blocks
CIDR country-level IP data, straight from the Regional Internet Registries, updated hourly.
Stars: ✭ 100 (-50.5%)
Mutual labels:  firewall, nginx
Exporter exporter
A reverse proxy designed for Prometheus exporters
Stars: ✭ 194 (-3.96%)
Mutual labels:  proxy, nginx
Pc Engines Apu Router Guide
Guide to building a Linux or BSD router on the PC Engines APU platform
Stars: ✭ 101 (-50%)
Mutual labels:  iptables, firewall
Piadvanced
This started as a custom install for my pihole!
Stars: ✭ 144 (-28.71%)
Mutual labels:  iptables, firewall
Docker Nginx Image Proxy
on the fly image cropping with gravity, resize and compression microservice
Stars: ✭ 79 (-60.89%)
Mutual labels:  proxy, nginx
Smtpd
A Lightweight High Performance ESMTP email server
Stars: ✭ 175 (-13.37%)
Mutual labels:  proxy, nginx
Config
Various program configuration files and scripts
Stars: ✭ 173 (-14.36%)
Mutual labels:  iptables, firewall
Delete
(迫于压力,本项目停止维护,请尽快fork代码。1月1日之后删除项目)[免翻墙工具]A free and open-source youtube video proxy script [Written in PHP]
Stars: ✭ 1,316 (+551.49%)
Mutual labels:  proxy, firewall
Orange
OpenResty/Nginx Gateway for API Monitoring and Management.
Stars: ✭ 2,208 (+993.07%)
Mutual labels:  proxy, nginx
Tor Android
Tor binary and library for Android
Stars: ✭ 90 (-55.45%)
Mutual labels:  proxy, firewall
Frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Stars: ✭ 51,746 (+25516.83%)
Mutual labels:  proxy, firewall
Iptables semantics
Verified iptables Firewall Ruleset Analysis
Stars: ✭ 85 (-57.92%)
Mutual labels:  iptables, firewall
Vpnfailsafe
IP leak prevention for OpenVPN
Stars: ✭ 130 (-35.64%)
Mutual labels:  iptables, firewall
Setup Nginx Webserver
🚀Setup a perfect webserver on CentOS/Redhat 7.x guide with understanding.
Stars: ✭ 65 (-67.82%)
Mutual labels:  firewall, nginx
Firehol
A firewall for humans...
Stars: ✭ 1,215 (+501.49%)
Mutual labels:  iptables, firewall
Easywall
Web interface for easy use of the IPTables firewall on Linux systems written in Python3.
Stars: ✭ 172 (-14.85%)
Mutual labels:  iptables, firewall
Docker Waf
An NGINX and ModSecurity based Web Application Firewall for Docker
Stars: ✭ 181 (-10.4%)
Mutual labels:  firewall, nginx

net-Shield

Build Status
An Easy and Simple Anti-DDoS solution for VPS,Dedicated Servers and IoT devices based on iptables/ipsets


Requirements

  • Linux System with golang, iptables/ipsets
  • Nginx

Quickstart

Run the bash script (install.sh) to install all the required dependencies.

bash install.sh


You will be prompted to insert a domain and the real IP address associated to it so net-Shield will configure for you the first proxydomain (you can see the changes on /etc/nshield/nshield.conf).

Proxy Domains

To configure proxydomains you need to enable the proxy option on /etc/nshield/nshield.conf (proxy = 1) and be sure that the proxydomain list (on the same conf file) is correct:

proxydomains = [
  "sami.pw 8.8.8.8",
  "example.org 1.2.3.4"
]

Usage

After you completed the install with the quickstart script you can call the "config-nshield" commad that will read the nshield.conf and re-configure shield rules based on the new configuration.

Example: I want to enable SSL on sami.pw that i just configured as above:

  1. Edit /etc/nshield/nshield.conf and set autossl = 1
  2. On your terminal run: # config-shield
  3. You can now see the changes on the Nginx configuration

The domain must point to the net-Shield instance otherwise will fail let's encrypt verification.

Logs are diplayed on: /var/log/nshield.log

How it works

Basically this script is set by default to run every 30 minutes and execute these operations:

  • Get latest Bot,Spammers,Bad IP/Net reputation lists and blocks if those Bad guys are attacking your server (Thank you FireHol http://iplists.firehol.org/ )
  • Enable basic Anti-DDoS methods to deny unwanted/malicious traffic
  • Rate limits when under attack
  • Allows HTTP(S) Proxying to protect your site

Demo

asciicast

Tested on Ubuntu 16.04 and 14.04 LTS

Contributors

Feel free to open issues or send me an email

Binaries

In case you cannot compile it your self and/or run the install.sh you can find the binaries on: https://github.com/fnzv/net-Shield/tree/master/binaries

License

Code distributed under MIT licence.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].