Laurent HUBERT 7 years ago
parent
commit
e29c65d765
4 changed files with 29 additions and 79 deletions
  1. 14 4
      Makefile
  2. 12 72
      README.md
  3. 0 0
      etc/lfirewall.conf
  4. 3 3
      scripts/firewall

+ 14 - 4
Makefile

@@ -1,10 +1,20 @@
 
 
 CP=/bin/cp
 CP=/bin/cp
 MKDIR=/bin/mkdir
 MKDIR=/bin/mkdir
-FIREWALL_ETC_DIR=/etc/firewall
-FIREWALL_CONF=firewall.conf
+FIREWALL_ETC_DIR=/etc/lfirewall
+FIREWALL_CONF=lfirewall.conf
+PREFIX=
+INSTALL_DIR=$(PREFIX)/sbin
 
 
-firewall:
-	$(CP) scripts/firewall /etc/init.d/firewall
+#SysVinit installation dir
+#INSTALL_DIR=/etc/init.d
+
+firewall: $(INSTALL_DIR)/lfirewall config
+
+config: 
 	$(MKDIR) -p $(FIREWALL_ETC_DIR)
 	$(MKDIR) -p $(FIREWALL_ETC_DIR)
 	$(CP) etc/$(FIREWALL_CONF) $(FIREWALL_ETC_DIR)/
 	$(CP) etc/$(FIREWALL_CONF) $(FIREWALL_ETC_DIR)/
+	
+$(INSTALL_DIR)/lfirewall: scripts/lfirewall
+	$(CP) $< $@
+
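Review bot: the last rule, `$(INSTALL_DIR)/lfirewall: scripts/lfirewall`, names a prerequisite this commit does not create. The file list still shows `scripts/firewall` (3 additions, 3 deletions, no rename), so `make` will stop with no rule to make `scripts/lfirewall`. Either rename the script in the same commit or point the rule at `scripts/firewall`. Two smaller points: `$(INSTALL_DIR)` is never created before `$(CP) $< $@`, and `FIREWALL_ETC_DIR` ignores `PREFIX`, so a staged install still writes to `/etc/lfirewall`. Since the script runs as root, consider installing it with an explicit owner and mode rather than whatever `cp` inherits from the source file and umask, and declare `firewall` and `config` as `.PHONY`.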

+ 12 - 72
README.md

@@ -1,90 +1,30 @@
-# Debian Configuration scripts
-## Introduction
-This is a Debian Configuration procedure.
-
-The scripts and procedure are inspired by [this page from Nicolargo's blog](http://blog.nicolargo.com/2013/03/mes-5-premieres-minutes-sur-un-serveur-debian.html).
-
-## Debian configuration
-
-### Create an user account
-
-We will not use a root account when connecting to our system. Instead we will create a specific user, and add it to the sudoers' group.
-
-```bash
-root@server $ adduser --gecos "Morpheus",,,, morpheus
-root@server $ adduser morpheus sudo
-```
-
-Once we have created it, we will login to our server using this account.
-
-### Creating a SSH private/public key
-
-I will not detail the creation of the key here, but only how to open the access to our user by adding the public key into its account.
-
-First login:
-
-```bash
-ssh morpheus@server
-```
-
-Then create the `.ssh` dir and the authorized_keys file:
-```bash
-morpheus@server $ mkdir .ssh
-morpheus@server $ nano .ssh/authorized_keys
-```
-
-Paste from the public key file you created previously into this opened file and exit `nano` using `Ctrl-o` then `Enter` (to confirm filename) then `Ctrl-x` (to exit).
-
-Check that you SSH connection works with this private/public key pair (when logging in, the server should not ask you for your password but (eventually) for your ssh key's passphrase.
+# Debian Light Firewall
 
 
-**Once you are sure it works you can proceed to next step.**
+## Introduction
 
 
-### Disable SSH access using passwords
+Ce firewall léger est inspiré de celui fournit par [Nicolargo sur cette page](http://blog.nicolargo.com/2013/03/mes-5-premieres-minutes-sur-un-serveur-debian.html).
 
 
-Once you have configured your publickey access (and only when previous step was successfully tested, **unless you want to lose access to your server**), you can do the following.
+## Installation
 
 
-```bash
-morpheus@server $ sudo nano /etc/ssh/sshd_config
-```
+### Makefile
 
 
-And replace the following settings with the following values:
-```
-PasswordAuthentication no
-PermitRootLogin no
-```
+L'installation se fait par un makefile:
 
 
-Then restart your ssh server:
 ```bash
 ```bash
-morpheus@server $ sudo systemctl restart ssh
-
-#Check everything works well:
-morpheus@server $ sudo systemctl status ssh
+make install
 ```
 ```
 
 
+#### Configuration
 
 
-### Setup your firewall
-
-
-Using the given script, install your firewall. The best way to do this is to first clone this repository and then run the install script.
-
-** You will need `git` and `make` to be installed**
-
-```bash
-morpheus@server $ sudo apt-get update && sudo apt-get install git make
-morpheus@server $ git clone <THIS REPOS URL>
-morpheus@server $ cd linuxconfig
-morpheus@server $ sudo make
-```
+Editer le fichier `/etc/firewall/firewall.conf` et tester votre configuration
 
 
-#### Configuring the firewall
-Edit the /etc/firewall/firewall.conf file and then test your configuration
 
 
+#### Test du firewall
 
 
-#### Test the firewall
-The firewall is made to allow you testing new configuration for 30 seconds before it rollback to initial state. This is to avoid getting blocked by a misconfiguration.
+Le test se fait en tapant la commande suivante:
 
 
 ```bash
 ```bash
-morpheus@server $ sudo service firewall test
+$ sudo lightwall test
 ```
 ```
 
 
 #### Enable the firewall
 #### Enable the firewall
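Review bot: the new Configuration and Test sections point at names that this commit retires or never defines. `/etc/firewall/firewall.conf` should be `/etc/lfirewall/lfirewall.conf` to match the Makefile and script changes, and `sudo lightwall test` does not match the installed name `lfirewall`. `make install` also has no matching target in the Makefile hunk, where the default target is `firewall`. The removed sentence explaining that `test` rolls back to the initial state after 30 seconds was the safety note an operator needs before applying rules over a remote session; please keep an equivalent in the new text. The added text is French while the unchanged `#### Enable the firewall` heading below it is English, so the README should settle on one language.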

etc/firewall.conf → etc/lfirewall.conf


+ 3 - 3
scripts/firewall

@@ -10,7 +10,7 @@
 ### END INIT INFO
 ### END INIT INFO
 
 
 #
 #
-# Simple Firewall configuration.
+# Light Firewall configuration.
 #
 #
 # Original author : Nicolargo
 # Original author : Nicolargo
 #
 #
@@ -39,7 +39,7 @@ REMOTE_UDP_SERVICES="53" # DNS
 # management network but remove it from TCP_SERVICES
 # management network but remove it from TCP_SERVICES
 SSH_PORT="22"
 SSH_PORT="22"
 
 
-CONFIGURATION_FILE=/etc/firewall/firewall.conf
+CONFIGURATION_FILE=/etc/lfirewall/lfirewall.conf
 if [ -f $CONFIGURATION_FILE ] ; then
 if [ -f $CONFIGURATION_FILE ] ; then
 	. $CONFIGURATION_FILE
 	. $CONFIGURATION_FILE
 fi
 fi
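Review bot: with the path switched to `/etc/lfirewall/lfirewall.conf`, the unchanged `if [ -f $CONFIGURATION_FILE ]` guard means a host that still has only `/etc/firewall/firewall.conf` silently runs with the built-in defaults (for example `SSH_PORT="22"`) and gives no warning. Suggest printing a warning when the file is missing, or reading the old path as a fallback during migration. Because the file is sourced with `.` by a script that runs as root, it is also worth quoting `"$CONFIGURATION_FILE"` and having the install step leave the file root-owned and not writable by group or others.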
@@ -213,7 +213,7 @@ case "$1" in
 		echo "###############################################################"
 		echo "###############################################################"
 		echo "I do not stop for now."
 		echo "I do not stop for now."
 		echo "Use 'clear' to remove all firewall blocking rules."
 		echo "Use 'clear' to remove all firewall blocking rules."
-		echo "Use 'dropall' to remove all firewall blocking rules."
+		echo "Use 'dropall' to stop any traffic and block everything."
 		echo "###############################################################"
 		echo "###############################################################"
 	;;
 	;;
 	clear)
 	clear)
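Review bot: the corrected `dropall` help line could go one step further and say what "block everything" means for the person typing it. If that includes the `SSH_PORT` defined earlier in the script, the message should state that the current remote session will be cut, and point to `test` as the safer way to try rules. The two lines `Use 'clear' ...` and `Use 'dropall' ...` would also read better if they named the resulting policy (accept all versus drop all) in the same wording.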