5 the purpose of ip control is to be a all-consuming ip management solution.
7 This include firewalling, address management, dns site-to-site vpn (openvpn) and dhcp..
9 this project will be the first attempt at using xmpp as a source for linux configuration management
11 this project will essentially turn every linux box connected to the system into a firewall as all rules will be pushed to all boxes... i think...
13 each box will have control over its ability to route and its interface ip addresses, but thats about it.
18 Most of what im trying to do here has been spawned by ipv6. With ipv6 (and more importantly dual-stack ipv6/v4, which will become
19 common place) the need for a naming structure has become important. Also, the need to manage the address space has become even more
20 critical cause iana are giving ipv6 addresses like they're candy.
22 Anyways, when trying to implement dual-stack you get stuck in a situation of having to re-work everything cause you create rules
23 for ipv4, then another set for ipv6. It gets more complicated by the fact that ipv6 gets a trillion ip's fore each host (ok so i am
24 exajurating, but what i mean is that you have possibly a real address and a link local address on each interface).
26 So this software will try and think of everything in terms of names... for eg a host will have a name "host" and a network
27 might have a name "network", thus to define firewall rules we define either host->network, network->host, host->host or
28 network->network and then let the infrastructure turn the rules into valid iptables objects.
31 What we want to be able to do?
32 ==============================
33 1) define a host as having dns, dhcp, dhcp-relay, vpn, ipv6, ipv4
34 2) define networks (ipv6 and ipv4)
36 4) connect them all via xmpp
projects / ipcontrol.git / blob