Apologies for the cross post, but this appears to be ... interesting.

Devdas Bhagat

----- Forwarded message from Christopher Hicks <[EMAIL PROTECTED]> -----

From: Christopher Hicks <[EMAIL PROTECTED]>
Date: Tue, 14 Dec 2004 09:08:38 -0500 (EST)
To: Firewall Wizards Mailing List <[EMAIL PROTECTED]>
Subject: [fw-wiz] ROPE iptables scripting module

This was the first I heard of this and it might interest some of you. If anybody tries it and has any opinions about it I'd love to hear it on or off list.

Date: Mon, 13 Dec 2004 02:03:40 CST
From: Chris Lowth <[EMAIL PROTECTED]>
Subject: ANNOUNCE: Rope 20041212 - IpTables match module scripting language

A new version of "Rope" has been released. Changes since the last announcement include...

 . basic integration with ConnTrack
 . access to ICMP header fields
 . symbolic constants
 . rationalisation of IP address handling
 . "expect_while" optimisation
 . loop counter limits

ROPE is a match module for Linux iptables / Netfilter. It allows packet matching criteria to be written using a simple scripting language which is executed in and by the Linux kernel. It is available under the GPL from http://www.lowth.com/rope. The current version should be considered experimental; don't deploy on mission-critical systems, but please feel free to download, explore and feedback.

An example: a rule that limits the size of pages downloaded over HTTP based on the Content-Length header could prevent long downloads before they even start. Here's a simple ROPE script to provide this logic...

    $tcp_source 80 eq assert           # check it's HTTP
    expecti_to( "Content-Length: " )   # find the header
    expect_while({isdigit}) put($n)    # lift the length value
    if( atoi($n) 1000000 gt { yes } )  # match: if too long
    no                                 # don't match: if not

If this script is stored as "contlen.rope", then it is installed into an Iptables chain using a command like:

    iptables -A FORWARD -m rope --script contlen -j DROP

For more information (including a more thorough version of the example script), please refer to: http://www.lowth.com/rope

--
</chris>

"Fans of Mozilla's free, open-source Firefox browser make the ardent Apple faithful look like a bunch of slackers." - Rebecca Lieb at clickz.com

----- End forwarded message -----
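
An added example, not part of the forwarded announcement and not code from the ROPE project: a Python model of the per-packet logic in the posted contlen.rope script, run over constructed packets to show which ones the DROP rule would match. It assumes that a failed step means "no match", as the script's comments suggest; the function and sample names are hypothetical.

```python
# Userspace model of contlen.rope (illustration only, not ROPE itself).
# Assumption: any step that fails ends evaluation with "no match".

LIMIT = 1_000_000              # threshold from the posted script
HEADER = b"content-length: "   # compared case-insensitively


def contlen_match(tcp_source: int, payload: bytes, limit: int = LIMIT) -> bool:
    """Return True if this single packet would match the rule."""
    # $tcp_source 80 eq assert
    if tcp_source != 80:
        return False
    # expecti_to( "Content-Length: " )
    pos = payload.lower().find(HEADER)
    if pos < 0:
        return False
    # expect_while({isdigit}) put($n)
    start = end = pos + len(HEADER)
    while end < len(payload) and 48 <= payload[end] <= 57:  # ASCII '0'..'9'
        end += 1
    digits = payload[start:end]
    if not digits:
        return False
    # if( atoi($n) 1000000 gt { yes } ) ... no
    return int(digits) > limit


def http_response(length_header: bytes) -> bytes:
    """Build a constructed HTTP response head for the samples below."""
    return b"HTTP/1.1 200 OK\r\nServer: example\r\n" + length_header + b"\r\n\r\n"


# Constructed sample packets: (TCP source port, payload).
SAMPLES = {
    "large": (80, http_response(b"Content-Length: 52428800")),
    "small": (80, http_response(b"Content-Length: 2048")),
    "lowercase": (80, http_response(b"content-length: 1000001")),
    "boundary": (80, http_response(b"Content-Length: 1000000")),
    "other_port": (8080, http_response(b"Content-Length: 52428800")),
    "body_segment": (80, b"\x00" * 64),  # later segment, no header
}


def evaluate_samples() -> dict:
    return {name: contlen_match(port, data) for name, (port, data) in SAMPLES.items()}


if __name__ == "__main__":
    for name, matched in evaluate_samples().items():
        print(f"{name:13s} {'DROP' if matched else 'pass'}")
```

The comparison is strict, so a length of exactly 1000000 passes, and only the packet that carries the header is matched.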
