[5030] in linux-announce channel archive
Linux-Announce Digest #323
daemon@ATHENA.MIT.EDU (Digestifier)
Thu Jan 5 13:13:06 2006
From: Digestifier <Linux-Announce-Request@senator-bedfellow.mit.edu>
To: Linux-Announce@senator-bedfellow.mit.edu
Reply-To: Linux-Announce@senator-bedfellow.mit.edu
Date: Thu, 5 Jan 2006 13:13:04 EST
Linux-Announce Digest #323, Volume #5 Thu, 5 Jan 2006 13:13:04 EST
Contents:
IpTables ROPE 20051223 - packet match rule scripting language (Chris Lowth)
[COMMERCIAL] cqsat 0.9a ("JR")
----------------------------------------------------------------------------
Date: Thu, 5 Jan 2006 05:13:37 -0600
From: Chris Lowth <chris@lowth.com>
Subject: IpTables ROPE 20051223 - packet match rule scripting language
A new version of "Rope" has been released. Changes since the last
announcement include...
. Support for linux 2.6 kernels (not SMP)
. Integration with ipset match module
. Simplified installation and building
. New OpenNAP protocol identification script
. Improved version reporting and handling
. Sample rc.d script for use with Ipcop
. Various other minor fixes and enhancements
ROPE is a scritable packet match module for Linux iptables / Netfilter. It
allows packet matching criteria to be written using a simple scripting
language which is executed in and by the Linux kernel.
It is available under the GPL from http://www.lowth.com/rope.
A simple example :- a rule that limits the size of pages downloaded over
HTTP based on the Content-Length header could prevent long downloads
before they even start. Here's a trivial ROPE script to provide this
logic...
$tcp_source 80 eq assert # check that it's HTTP
expecti_to( "Content-Length: " ) # find the header
expect_while({isdigit}) put($n) # lift the length value
if( atoi($n) 1000000 gt { yes } ) # match: if too long
no # dont match: if not
If this script is stored as "contlen.rope" and compiled as "contlen.rp",
then it can be installed into an Iptables chain using a command like.
iptables -A FORWARD -m rope --rope-script contlen -j DROP
For more information (including a more thorough version of the example
script), please refer to:
http://www.lowth.com/rope
##########################################################################
# Send submissions for comp.os.linux.announce to: cola@stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################
------------------------------
From: "JR" <x-lists@cqsat.com>
Subject: [COMMERCIAL] cqsat 0.9a
Date: Thu, 5 Jan 2006 11:00:44 -0600
This is to inform of the first public release of CQSAT ~ a powerful C/C++
bug detection tool.
This is release 0.9a for linux. It is bundled with the security (taint
analysis) rulepack.
home page: http://www.cqsat.com
Description:
CQSAT uses LD_PRELOAD to gather build and source data without any change to
the development/build environment. Deep optimized path analysis is run over
the compiler internal representation (AST) to find bugs. Results are
displayed in a code browser and cross-referencer.
~ Finds real buffer overruns, security vulnerabilities
~ Real bugs, few false positives
~ Context-sensitive
~ Easy to install and use
~ Code browser and cross-referencer
~ Finds dead code
~ Works on large code bases
CQSAT.com is a commercial venture. Feedback appreciated
##########################################################################
# Send submissions for comp.os.linux.announce to: cola@stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: Linux-Announce-Request@NEWS-DIGESTS.MIT.EDU
You can submit announcements to be moderated via:
Internet: linux-announce@NEWS.ORNL.GOV
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Announce Digest
******************************
