Home

Awesome

LOGO

SKUDONET Open Source Load Balancer and Open Source WAF

This is the repository of SKUDONET Open Source Load Balancer and Open Source WAF Community Edition (Zen Load Balancer CE next generation) and it'll guide you to install a development and testing instance of load balancer.

Repository Contents

In this repository you'll find the source code usually placed into the folder /usr/local/skudonet/ with the following structure:

SKUDONET Load Balancer Installation

Currently, there is only available package for Debian Bookworm, the installation is not supported out of this operating system.

There are two options to deploy a SKUDONET load balancer: The first is deploying the SKUDONET CE ISO, and the other is deploying a Debian Bookworm image and installing Skudonet with its dependencies.

ISO

SKUDONET CE ISO is a Debian Bookworm template with Skudonet already installed. It can be got from the following link, clicking on the "Download ISO image" button.

https://www.skudonet.com/products/community/

UEFI

Installation on Debian Bookworm

If you prefer install skudonet yourself, you should get a Debian ISO installable from debian.org. This installation process has been only tested with the 64 bits version.

Please, take into account these requirements before installing the load balancer:

  1. You'll need at least 1,5 GB of storage.

  2. Install a fresh and basic Debian Bookworm (64 bits) system with openssh and the basic system tools package recommended during the distribution installation.

  3. Configure the load balancer with a static IP address. SKUDONET Load Balancer doesn't support DHCP yet.

  4. Configure the apt repositories in order to be able to install some dependencies.

This git repository only contains the source code, the installable packages based in this code are updated in our Skudonet APT repos, you can use them configuring your Debian Bookworm system as follows:

root@skudonetlb#> echo "deb http://repo.skudonet.com/ce/v7 bookworm main" >> /etc/apt/sources.list.d/skudonet.list
root@skudonetlb#> wget -O - http://repo.skudonet.com/ce/skudonet.com.gpg.key | apt-key add -

Now, update the local APT database

root@skudonetlb#> apt-get update

And finally, install the Skudonet CE

root@skudonetlb#> apt-get install skudonet

Install the OWASP CoreRuleSet Rules in SKUDONET Community version

  1. Go to a directory to download the OWASP CoreRuleSet
root@skudonetlb#> cd /opt
  1. Download the latest OWASP CoreRuleSet
root@skudonetlb#> wget https://github.com/coreruleset/coreruleset/archive/refs/heads/main.zip
  1. Decompress the OWASP CoreRuleSet file
root@skudonetlb#> unzip main.zip
  1. Copy all the Rulesets and data to SKUDONET IPDS WAF Rulesets config directory
root@skudonetlb#> cp coreruleset-main/rules/* /usr/local/skudonet/config/ipds/waf/sets/
  1. Copy the setup example file to SKUDONET IPDS WAF Rulesets config directory It is mandatory to setup tx.crs_setup_version
root@skudonetlb#> grep -v "^SecDefaultAction" coreruleset-main/crs-setup.conf.example > /usr/local/skudonet/config/ipds/waf/sets/REQUEST-90-CONFIGURATION.conf

Now the SKUDONET Opensource Load Balancer has all the OWASP Rulesets and them can be applied to the HTTP/S Farms.

Updates

Please use the Skudonet APT repo in order to check if updates are available.

Troubleshooting

The Perl errors are logging to /var/log/cherokee-error.log file. The Web GUI access logs are logging to /var/log/cherokee-access.log file. All the software logs ( farm logs, WAF logs, SKUDONET logs ) go to /var/log/syslog file. Config files are saved in the directory /usr/local/skudonet/config. SKUDONET WAF Rulesets are saved in the directory /usr/local/skudonet/config/ipds/waf/sets.

How to Contribute

You can contribute with the evolution of the SKUDONET Load Balancer in a wide variety of ways:

Reporting Bugs

Please use the GitHub project Issues to report any issue or bug with the software. Try to describe the problem and a way to reproduce it. It'll be useful to attach the service and network configurations as well as system and services logs.

Development & Resolving Bugs

In order to commit any change, as new features, bug fix or improvement, just perform a git clone of the repository, git add when all the changes has been made and git commit when you're ready to send the change.

During the submit, please ensure that every change is associated to a logical change in order to be easily identified every change.

In the commit description please use the following format:

[CATEGORY] CHANGE_SHORT_DESCRIPTION

OPTIONAL_LONGER_DESCRIPTION

SIGNED_OFFS

MODIFIED_FILES

Where:

Usually, executing git commit -a -s will create the fields described above.

Finally, just execute a git push and request a pull of your changes. In addition, you can use git format-patch to create your patches and send them through the official distribution list.

Screenshots

skd7_dashboard skd7_farms skd7_letsencrypt skd7_services skd7_dhcp skd7_wafedit skd7_waffarm

Creating & Updating Documentation or Translations

In the official GitHub wiki there is available a list of pages and it's translations. Please clone the wiki, apply your changes and request a pull in order to be applied.

Helping another Users

The official distribution list could be accessed through the skudonet-ce-users google group.

To post in this group, send email to skudonet-ce-users@skudonet.com.

But you need to request a join first into the group by sending an email to skudonet-ce-users+subscribe@skudonet.com.

To unsubscribe from this group, send email to skudonet-ce-users+unsubscribe@skudonet.com

For more options, visit https://groups.google.com/a/skudonet.com/d/optout

www.skudonet.com