Note : NuFW has been renamed ufwi-filterd (see http://ufwi.org/). This page needs to be updated.
This section explains how to install NuFW, including Prelude support, from the tarball available from the main website. However, NuFW might be included with your distribution as a package and it would be easier to install it this way.
Get the sources¶
Then, compile and install NuFW using the following:
$ ./configure [other args] --with-prelude-log $ make # make install
In order to enable NuFW to send authentication events to Prelude-Manager, add nuprelude to the nuauth_auth_error_logs_module variable in $prefix/etc/nufw/nuauth.conf:
In order to enable NuFW to send connection/disconnection events to Prelude-Manager, add nuprelude to the nuauth_user_session_logs_module variable in $prefix/etc/nufw/nuauth.conf:
In order to enable NuFW to generate events to Prelude-Manager for every packets caught (hint: you don't want to do that), add nuprelude to the nuauth_user_logs_module variable in $prefix/etc/nufw/nuauth.conf:
You now you need to create NuFW profile with a command like:
$ prelude-admin register nufw "idmef:w admin:r" <manager address> --uid X --gid X
and follow the instructions. If the registration is successful - you are ready to test your installation. please check the Agents Registration Page for more details about sensors registration.