The first launch
By default, there is a parameter and a parameter in the settings testing = truetesting_interval = 5. This turns on the test mode and after starting the daemon, after 5 minutes the daemon will shut down and clear all the rules nftables. This is necessary so that before enabling it, you can test the rules and make sure that everything works as it should and that your access rights are not blocked. After you have made sure that everything is set up correctly, do not forget testing to change the parameter false.
The action plan after installation is as follows:
- We have checked and edited the settings (/etc/kor-elf-shield/kor-elf-shield.toml) for your tasks. Documentation on these settings is available here.
- We have checked and edited the farewall (/etc/kor-elf-shield/firewall.toml) settings for your tasks. Documentation on these settings is available here.
- We have checked and edited the settings of the log analyzer (/etc/kor-elf-shield/analyzer.toml) for your tasks. Documentation on these settings is available here.
- We have checked and edited the notification settings (/etc/kor-elf-shield/notifications.toml) for your tasks. Documentation on these settings is available here.
- We have checked and edited the docker (/etc/kor-elf-shield/docker.toml) settings for your tasks. Documentation on these settings is available here.
- We have checked and edited the settings for receiving IP addresses from various services that need to be blocked (/etc/kor-elf-shield/blocklists.toml) for your tasks. Documentation on these settings is available here.
- We have checked and edited the settings to receive IP address data (/etc/kor-elf-shield/geoip.toml) for your tasks. Documentation on these settings is available here.
- We tested it and made sure that everything was fine.
- Changing testing to false.
Attention by default, incoming and outgoing traffic is blocked. This behavior can be changed in the settings farewall.
To enable the program in autorun, run the command:
sudo systemctl enable kor-elf-shield
To start the program, run the command:
sudo systemctl start kor-elf-shield
To disable the program, run the command (but keep in mind that disabling the program does not clear the rules nftables):
sudo systemctl stop kor-elf-shield
If you want to stop the program from clearing the rules nftables, run the command:
kor-elf-shield stop