Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Chris Lowth <chris <at> lowth.com>
Subject: Linux 2.6 support for "rope" match module
Newsgroups: gmane.comp.security.firewalls.netfilter.devel
Date: Tuesday 3rd January 2006 11:15:23 UTC (over 11 years ago)
Following on from my message to this list of a month or so ago.. "rope" 
now works on linux 2.6 as well as 2.4. As yet SMP is not supported, but 
that is the next thing on my "to do" list, and should surface within a 
couple of months (time permitting).

Please feel free to download, play, comment / critique.

"rope" provides a kernel-level interpreter for a simple scripting 
language which can be used to develop netfilter match modules. The 
language is pre-compiled using a perl script, to produce a binary file 
that is loaded into the kernel using the "iptables" command. The 
language has access to many IP, TCP and UDP packet headers and the data 
payload. It was originally developed for use as a P2P protocol 
identification mechanism, but has wound up being general enough for 
wider use.

It's too large to supply here as a patch, but it can be downloaded from 
http://www.lowth.com/rope/Download.
The "Makefile" that comes with the 
software allows rope to patched into POMNG, or directly into the kernel 
and iptables.

As before .. the website www.lowth.com/rope includes a number of sample 
scripts, language documentation and tutorials - etc.
 
CD: 3ms