Merge branch 'main' of https://git.vascoalves.xyz/vasco/FSI

Suricata done
Actually done, now going to suricata this guy.
2026-03-22 10:46:03 +00:00 · 2026-03-22 10:41:11 +00:00 · 2026-03-21 19:43:15 +00:00 · 2026-03-21 19:17:12 +00:00 · 2026-03-21 18:38:11 +00:00 · 2026-03-21 18:23:13 +00:00
4 changed files with 2256 additions and 6 deletions
--- a/INTERNET.sh
+++ b/INTERNET.sh
@@ -9,7 +9,7 @@ sudo systemctl disable firewalld
 sudo systemctl mask firewalld
 sudo systemctl enable iptables
 sudo iptables -F
-sudo ifconfig enp0s8 $dn2 netmask $mask24
+sudo ifconfig enp0s8 $dns2 netmask $mask24
 sudo route add default gw $routerIp
-sudo ip addr add $dns2 dev enp0s8
+#sudo ip addr add $dns2 dev enp0s8
 sudo ip addr add $eden dev enp0s8
--- a/ROUTER.sh
+++ b/ROUTER.sh
@@ -85,12 +85,15 @@ sudo iptables -A FORWARD -i enp0s8 -o enp0s9 -s 23.214.219.133 -d 192.168.10.2 -
 sudo iptables -A FORWARD -i enp0s8 -o enp0s9 -s 23.214.219.133 -d 192.168.10.3 -j ACCEPT #NEDDS testing
 #FTP da internet WORRIED ???
 sudo iptables -A FORWARD -i enp0s10 -o enp0s9 -d 192.168.10.2 -p tcp --sport 21 -j ACCEPT #Changed
 sudo iptables -A FORWARD -i enp0s10 -o enp0s9 -d 192.168.10.2 -p tcp --dport 21 -j ACCEPT
 sudo iptables -A FORWARD -i enp0s9 -o enp0s10 -p tcp --sport 20 -j ACCEPT #MIGHT BE NEEDED
 #SSH CONNECTIONS datastore server but only from eden or dn2 DNAT -s servers, and port and -d interface
-sudo iptables -t nat -A PREROUTING -s $dn2 -d 87.248.214.97 -p tcp --dport 22 -j DNAT --to-destination 192.168.10.3
+sudo iptables -t nat -A PREROUTING -s $dns2 -p tcp --dport 22 -j DNAT --to-destination 192.168.10.3
-sudo iptables -t nat -A PREROUTING -s $eden -d 87.248.214.97 -p tcp --dport 22 -j DNAT --to-destination 192.168.10.3
+sudo iptables -t nat -A PREROUTING -s $eden -p tcp --dport 22 -j DNAT --to-destination 192.168.10.3
-sudo iptables -t nat -A PREROUTING -s $dn2 -d 87.248.214.97 -p tcp --sport 22 -j DNAT --to-destination 192.168.10.3
+sudo iptables -t nat -A PREROUTING -s $dns2 -p tcp --sport 22 -j DNAT --to-destination 192.168.10.3
-sudo iptables -t nat -A PREROUTING -s $eden -d 87.248.214.97 -p tcp --sport 22 -j DNAT --to-destination 192.168.10.3
+sudo iptables -t nat -A PREROUTING -s $eden -p tcp --sport 22 -j DNAT --to-destination 192.168.10.3
 sudo iptables -t nat -A PREROUTING -i enp0s10 -p tcp --dport 21 -j DNAT --to-destination 192.168.10.2
 sudo iptables -t nat -A PREROUTING -i enp0s10 -p tcp --sport 21 -j DNAT --to-destination 192.168.10.2
 sudo iptables -A FORWARD -i enp0s10 -o enp0s9 -d 192.168.10.3 -s $dns2 -p tcp --sport 22 -j ACCEPT #Need to check and make diferent ip addresses
 sudo iptables -A FORWARD -i enp0s10 -o enp0s9 -d 192.168.10.3 -s $eden -p tcp --sport 22 -j ACCEPT
 sudo iptables -A FORWARD -i enp0s10 -o enp0s9 -d 192.168.10.3 -s $dns2 -p tcp --dport 22 -j ACCEPT #Need to check and make diferent ip addresses
--- a/suricata.rules
+++ b/suricata.rules
@@ -0,0 +1,5 @@
 drop tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET"; flags:S; threshold:type both, track by_src, count 5, seconds 60; classtype:attempted-recon; sid:1000001; rev:1;)
 drop tcp any any -> any 80 (msg:"SQL injection"; content:"union"; nocase; content:"select"; nocase; classtype:web-application-attack; sid:1000002; rev:1;)
 drop tcp any any -> any 80 (msg:"SQl injection"; content:"'or 1=1"; nocase; classtype:web-application-attack; sid:1000003; rev:1;)
 drop tcp any any -> any 80 (msg:"XSS"; content:"<script"; nocase; classtype:web-application-attack; sid:1000004; rev:1;)
--- a/suricata.yaml
+++ b/suricata.yaml
Author	SHA1	Message	Date
root	9852a3f21b	Merge branch 'main' of https://git.vascoalves.xyz/vasco/FSI	2026-03-22 10:46:03 +00:00
root	e407142f66	Suricata done	2026-03-22 10:41:11 +00:00
jelly Tomas	cd05757575	Actually done, now going to suricata this guy.	2026-03-21 19:43:15 +00:00
jelly Tomas	79be50b220	Should be the final before suricata, v4	2026-03-21 19:17:12 +00:00
jelly Tomas	1f99e5d28a	Should be the final before suricata, v4	2026-03-21 18:38:11 +00:00
jelly Tomas	4e873db749	Should be the final before suricata, v3 FUCK	2026-03-21 18:23:13 +00:00