
Free echo shoes software for linux

Results 1 - 15 of about 189
Echoserver 1.3


Echoserver - See what browsers and programs are sending to an HTTP server. This simple server just dumps whatever it receives on the console. Echoserver is misnamed because it does not actually echo what it receives back to the browser.


Enhancements:
Version 1.3

change pad directory structure


System Requirements:
Download (520Kb)
Added: 2006-03-06 License: Free Price: Free
13 downloads
Shelisp 2

Shelisp is a very short program that provides mechanisms for composing and running Unix shell (particularly bash) commands and constructs from Common Lisp.
To run shelisp, say at the command prompt:
lisp -load shelisp.lisp
This should start CMU Common Lisp and provide the prompt, *. A more convenient form could be to start emacs and issue the command M-x cmulisp, which will start an `inferior lisp' mode with cmu; then, say:
(load "shelisp.lisp")
The bang (!) escape to shell
Now you can say (the * is already put there by cmulisp):
* !ls
And it will execute the shell ls command (by running a bash instance and passing the command to it).
Of course, you are actually in Lisp. You can try this:
* (defun factorial (x) (if (zerop x) 1 (* x (factorial (1- x)))))
FACTORIAL
* (factorial 33)
8683317618811886495518194401280000000
So, if you enter `!', the rest of the line (until the first end of line that is not escaped with a `\') is interpreted as a bash command and the result is printed on the standard output.
Now try:
* !echo ?(+ 2 3) zuzu
5zuzu
The `?' is the lisp escape. It is followed by an s-expression which is read, executed and printed (with princ), and the printed result replaces the `?' and the expression in the shell command. It can be any Lisp expression.
* !echo ?(+ 2/3 2/11) "
Download (0.005MB)
Added: 2006-08-20 License: GPL (GNU General Public License) Price:
1163 downloads
HSH 1.2.0

HSH project is designed to let you mix and match shell expressions with Haskell programs. With HSH, it is possible to easily run shell commands, capture their output or provide their input, and pipe them to/from other shell commands and arbitrary Haskell functions at will.

Here are a few examples to get you started:

run $ "echo /etc/pass*" :: IO String
-> "/etc/passwd /etc/passwd-"

runIO $ "ls -l" -|- "wc -l"
-> 12

runIO $ "ls -l" -|- wcL
-> 12

runIO $ ("ls", ["-l", "file with spaces.txt"])
glob "~jgoerzen" >>= cd . head

wcL is a pure Haskell function defined in HSH.ShellEquivs.wcL

Download (0.025MB)
Added: 2007-03-09 License: LGPL (GNU Lesser General Public License) Price:
959 downloads
kfilewatcher 0.1

The kfilewatcher project watches for file changes and lets you react to them.

Example:

kfilewatcher /tmp/test 2>&1 | while read a; do echo "File has changed - doing something"; done

This command does something every time kfilewatcher detects a change. At the moment, the only action is to output "File has changed - doing something", but you can write anything there, e.g.

- backup stuff as soon as it changes
- publish files on your homepage every time they change
- keep directories in sync
Download (1.7MB)
Added: 2006-12-28 License: GPL (GNU General Public License) Price:
1030 downloads
posh 0.3.14

posh is a Policy-compliant Ordinary SHell.
posh is a stripped-down version of pdksh with several improvements that aims for compliance with Debian's /bin/sh policy, and few extra features.

Currently, Debian's policy is to adhere to POSIX with the exception of supporting echo -n, so posh strives toward compliance with SUSv3 (with the exception of echo -n).
Download (0.65MB)
Added: 2005-04-04 License: GPL (GNU General Public License) Price:
1663 downloads
Echo2 Web Framework 2.1.0 Beta 5

Echo2 Web Framework is the next-generation of the Echo Web Framework, a platform for developing web-based applications that approach the capabilities of rich clients.
The 2.0 version holds true to the core concepts of Echo while providing dramatic performance, capability, and user-experience enhancements made possible by its new Ajax-based rendering engine.
Echo2 removes the developer from having to think in terms of "page-based" applications and enables him/her to develop applications using the conventional object-oriented and event-driven paradigm for user interface development.
Knowledge of HTML, HTTP, and JavaScript is not required. Applications may be hosted using any Java servlet container.
Enhancements:
- This release added support for setting render IDs on Components such that Echo2 applications may be tested with browser-based unit-testing environments such as Selenium.
Download (4.1MB)
Added: 2006-08-09 License: LGPL (GNU Lesser General Public License) Price:
673 downloads
SafeSQL 2.2

The SafeSQL project is an SQL query processor to automate the tedious tasks of syntax testing, injection attack-proofing, dropping parts of queries and other misc features. It has only been tested with MySQL syntax, but any ANSI SQL-92 compliant db library should work OK.
SYNOPSIS:
require 'SafeSQL.class.php';
// dummy up a variable with a single quote in it
$section_name = "fred's place";
// run the query through SafeSQL
$safesql =& new SafeSQL_MySQL;
$query_string = $safesql->query("select * from sections
where Section_Name = '%s'", array($section_name));
echo $query_string;
OUTPUT:
select * from sections where Section_Name = 'fred\'s place'
// $query_string is now safe to pass to your SQL library
Enhancements:
- This release adds %n and %N for handling quoted and (non-quoted) NULL values.
Download (0.007MB)
Added: 2007-04-06 License: LGPL (GNU Lesser General Public License) Price:
933 downloads
mass

mass is a program that lets a system administrator execute programs on some set of machines as root.
mass.pl is the implementation of a relatively simple idea. Instead of interactively doing some task on one machine, then duplicating the effort on N other machines, write a shell script, then scp it to N machines and execute it as root.

Example

(sic@foo)($:~/mass)- ./mass.pl --name solaris --script pushsomething --su --sshpass
sudo password:
ssh password:

trying to run pushsomething on 1 machines
test

test

PING test.example.com (10.1.1.10) from 10.1.2.3 : 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.142 ms

--- test.example.com ping statistics ---
1 packets transmitted, 1 received, 0% loss, time 0ms
rtt min/avg/max/mdev = 0.142/0.142/0.142/0.000 ms
pushsomething 100% |*****************************| 183 00:00
test.txt 100% |*****************************| 15 00:00
sic@tests password: sh-2.05a$ PS1=$ ; PATH=/usr/local/bin:/bin:/usr/bin:/usr/s;export PS1;export PATH
$ sudo -K ; sudo sh
Password:
$ PATH=/usr/local/bin:/bin:/usr/bin:/usr/sbin:/usr/local/sbin:/sbin ; export PATH
$ if [ `id|cut -d -f 1` = uid=0(root) ]; then PS1=# ; fi
# sh pushsomething && echo script done || echo script failed
script done
# /bin/rm pushsomething test.txt && echo removed pushsomething test.txt
removed pushsomething test.txt
#

1 passed: test
0 failed:
0 fatal errors:

Download (0.012MB)
Added: 2005-09-21 License: Artistic License Price:
2368 downloads
Configuration with no services supported

The "Configuration with no services supported" script is for a single-host firewall configuration with no services supported by the firewall machine itself.

Sample:

# USER CONFIGURABLE SECTION

# The name and location of the iptables utility.
IPTABLES=iptables

# The path to the iptables executable (this replaces the inherited PATH).
PATH="/usr/local/sbin"

# Our internal network address space and its supporting network device.
OURNET="10.5.0.0/24"
OURBCAST="10.5.0.255"
OURDEV="eth0"

# The outside address and the network device that supports it.
ANYADDR="0/0"
ANYDEV="ppp0"

# The TCP services we wish to allow to pass - "" empty means all ports
# note: comma separated
TCPIN="ssh,ftp,ftp-data"
TCPOUT="smtp,www,ssh,telnet,ftp,ftp-data,irc,http"

# The UDP services we wish to allow to pass - "" empty means all ports
# note: comma separated
UDPIN="domain"
UDPOUT="domain"

# The ICMP services we wish to allow to pass - "" empty means all types
# ref: /usr/include/netinet/ip_icmp.h for type numbers
# note: comma separated
ICMPIN="0,3,11"
ICMPOUT="8,3,11"

# Logging; uncomment the following line to enable logging of datagrams
# that are blocked by the firewall.
# LOGGING=1

# END USER CONFIGURABLE SECTION
####################################
# Flush the FORWARD chain rules
echo -n Flushing forward... && {
$IPTABLES -F FORWARD
} && echo done

# We want to deny incoming access by default.
# echo -n Denying incoming access... && {
# $IPTABLES -P FORWARD DROP
# } && echo done

# Drop all datagrams destined for this host received from outside.
echo -n Dropping incoming datagrams... && {
$IPTABLES -A INPUT -i $ANYDEV -j DROP
} && echo done

# SPOOFING
# We should not accept any datagrams with a source address matching ours
# from the outside, so we deny them.
echo -n Preventing spoofing... && {
$IPTABLES -A FORWARD -s $OURNET -i $ANYDEV -j DROP
} && echo done

# SMURF
# Disallow ICMP to our broadcast address to prevent "Smurf" style attack.
echo -n Preventing SMURFs... && {
$IPTABLES -A FORWARD -p icmp -i $ANYDEV -d $OURNET -j DROP
} && echo done

# We should accept fragments, in iptables we must do this explicitly.
echo -n Accepting fragments... && {
$IPTABLES -A FORWARD -f -j ACCEPT
} && echo done

# TCP
# We will accept all TCP datagrams belonging to an existing connection
# (i.e. having the ACK bit set) for the TCP ports we're allowing through.
# This should catch more than 95 % of all valid TCP packets.
echo -n Accepting valid incoming tcp datagrams on existing connections... && {
$IPTABLES -A FORWARD -m multiport -p tcp -d $OURNET --dports $TCPIN ! --tcp-flags SYN,ACK ACK -j ACCEPT
} && echo done
echo -n Accepting valid outgoing tcp datagrams on existing connections... && {
$IPTABLES -A FORWARD -m multiport -p tcp -s $OURNET --sports $TCPIN ! --tcp-flags SYN,ACK ACK -j ACCEPT
} && echo done

# TCP - INCOMING CONNECTIONS
# We will accept connection requests from the outside only on the
# allowed TCP ports.
echo -n Accepting incoming tcp connections on allowed ports... && {
$IPTABLES -A FORWARD -m multiport -p tcp -i $ANYDEV -d $OURNET --dports $TCPIN --syn -j ACCEPT
} && echo done

# TCP - OUTGOING CONNECTIONS
# We will accept all outgoing tcp connection requests on the allowed TCP ports.
echo -n Accepting outgoing traffic on allowed tcp ports... && {
$IPTABLES -A FORWARD -m multiport -p tcp -i $OURDEV -d $ANYADDR --dports $TCPOUT --syn -j ACCEPT
} && echo done

# UDP - INCOMING
# allow UDP datagrams in on the allowed ports and back.
echo -n Allowing UDP datagrams in on the allowed ports and back... && {
$IPTABLES -A FORWARD -m multiport -p udp -i $ANYDEV -d $OURNET --dports $UDPIN -j ACCEPT
$IPTABLES -A FORWARD -m multiport -p udp -i $ANYDEV -s $OURNET --sports $UDPIN -j ACCEPT
} && echo done

# UDP - OUTGOING
# We will allow UDP datagrams out to the allowed ports and back.
echo -n Allowing UDP datagrams out on the allowed ports and back... && {
$IPTABLES -A FORWARD -m multiport -p udp -i $OURDEV -d $ANYADDR --dports $UDPOUT -j ACCEPT
$IPTABLES -A FORWARD -m multiport -p udp -i $OURDEV -s $ANYADDR --sports $UDPOUT -j ACCEPT
} && echo done

# ICMP - INCOMING
# We will allow ICMP datagrams in of the allowed types.
# echo -n Allowing ICMP datagrams in of the allowed types... && {
# $IPTABLES -A FORWARD -p icmp -i $ANYDEV -d $OURNET --icmp-type $ICMPIN -j ACCEPT
# } && echo done

# ICMP - OUTGOING
# We will allow ICMP datagrams out of the allowed types.
# echo -n Allowing ICMP datagrams out of the allowed types... && {
# $IPTABLES -A FORWARD -p icmp -i $OURDEV -d $ANYADDR --icmp-type $ICMPOUT -j ACCEPT
# } && echo done

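# DEFAULT and LOGGING
# All remaining datagrams fall through to the default
# rule and are dropped. They will be logged if you've
# configured the LOGGING variable above.
# Note: this holds only when the FORWARD policy is DROP; the line that
# sets that policy earlier in this script is commented out.
#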

# DoS
# Enabling SYN-flood protection.
# These rate-limited ACCEPT rules restrict traffic only if a later rule or
# the chain policy drops whatever exceeds the limit.
echo -n Enabling Syn-flood protection... && {
$IPTABLES -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
} && echo done
# Enabling Furtive port scanner protection
echo -n Enabling Furtive port scanner protection... && {
$IPTABLES -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
} && echo done
# Enabling ping of death protection
echo -n Enabling ping of death protection... && {
$IPTABLES -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
} && echo done


if [ "$LOGGING" ]
then
# Log barred TCP
$IPTABLES -A FORWARD -p tcp -m tcp -j LOG
# Log barred UDP
$IPTABLES -A FORWARD -p udp -m udp -j LOG
# Log barred ICMP (the icmp match, not the udp match, goes with -p icmp)
$IPTABLES -A FORWARD -p icmp -m icmp -j LOG
fi
#
# end.
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
982 downloads
jZeno 1.0.36

jZeno is a meta-project that integrates a collection of Java open source libraries to form a ready-to-use web development environment. jZeno is made to allow people to create web applications by using pure Java development as much as possible. The main architectural goal is largely reducing the need to know technologies like JavaScript, HTML, CSS, database-specific SQL, and tons of different APIs.
Limiting the number of APIs, technologies and programming styles allows developers to learn a smaller set of skills much more deeply. We think this set of skills should be: a thorough understanding of Java, OO development and design patterns.
We decided to create jZeno after growing more and more frustrated with JSP and Struts over the years. We hoped JSF would improve things but have come to the conclusion that it is mainly a commercially-driven API that does not really make development life any easier. So we started looking further and came across Echo, a toolkit for developing web applications in pure java. In a nutshell Echo provides you with an implementation of the Swing API for developing web applications. We have created an optimized version of the Echo toolkit to allow partial, and highly compressed updates of web pages, providing AJAX like performance (available in the upcoming 0.9 release).
While Echo provides an easy way of creating the presentation layer of a web application, some glue was still missing to turn it into a rapid development platform. So we decided to add a set of easy to use dynamic components, that provide an easy way to do data-binding, validation, event handling and such. Many useful components are also provided by the EchoPoint library, a collection of rich Echo components.
Besides the presentation layer, jZeno also provides a number of services for facilitating the creation of business facades. This environment is similar to stateless session beans in the EJB specification, but without the overhead of EJBs. These services include transaction management, deadlock detection and retrying, performance monitoring, security checking, etc.
jZeno also uses Hibernate for O/R mapping inside your business facades. Besides these major functions, jZeno contains out-of-the-box solutions for a host of other features any real-life web application needs. This includes things like generating reports in PDF, XLS, RTF and other formats (through JasperReports). It also includes live performance monitoring (JAMon) and heap monitoring of your application in its production environment, among other features.
jZeno applications have a traditional layered architecture. The traditional 3 tiers are separated: the presentation tier, the business tier and the domain model. The first tier is created by using the jZeno dynamic components and the lower level Echo and EchoPoint components. The business tier contains support for running your business logic, decorated with a stack of aspects that together create an environment very similar to stateless session beans (but with fewer requirements and less configuration overhead). The domain model tier is basically the O/R mapping provided by Hibernate. jZeno provides a tightly integrated environment for all these tiers. In the future, support for deploying on an EJB container may be added if required.
Enhancements:
- A bug in errormessagescomponent (warnings) has been fixed.
- Validation has been fixed to pre-render/rebind invisible pages on DynaTables before validation.
- The TTL for DNS caching has been set to a maximum of 5 minutes.
- SessionSyncFilter will always serialize unless using an image/script service.
- A McKoi startup bug when using hibernate annotations has been fixed.
- Processing of radio buttons with action listeners has been fixed.
- BigDecimalViewer and ComponentUI have been added for consistency.
- A bug in the NewsTicker component has been fixed.
Download (31MB)
Added: 2007-08-04 License: LGPL (GNU Lesser General Public License) Price:
812 downloads
Echo Web Application Framework 1.1.4

Echo is a framework for developing object-oriented, event-driven Web applications.
Echo removes the developer from having to think in terms of "page-based" applications and enables him/her to develop applications using the conventional object-oriented and event-driven paradigm for user interface development.
Knowledge of HTML, HTTP, and JavaScript is not required. Echo is open-source software distributed under the terms of the Mozilla Public License or the GNU LGPL License.
Enhancements:
- Version 1.1.4 adds support for specifying the order of tab-based navigation of components. The release also fixes bugs reported in previous versions, including the issues discovered with setting component focus.
Download (0.80MB)
Added: 2005-05-05 License: LGPL (GNU Lesser General Public License) Price:
1635 downloads
ICMP-Chat 0.6

ICMP-Chat is a simple console-based chat that uses ICMP packets for communication. All the data is encrypted with the Rijndael-256 algorithm.
Installation:
Type: make && make install
For solaris type: make solaris && make install
Usage:
Usage: icmpchat [OPTIONS] <host> <nick>
<host> = Host to chat with
<nick> = Your nickname
OPTIONS:
-t <type> = specify icmp type (default ECHO_REPLY)
Example: icmpchat 192.168.1.2 foo
ICMP codes:
[0] Echo Reply
[5] Redirect
[8] Echo Request
[9] Router advertisement
[10] Router solicitation
[13] Timestamp request
[14] Timestamp reply
[15] Information request
[16] Information reply
[17] Adressmask request
[18] Adressmask reply
Enhancements:
- Rewrote from scratch
- Implemented optimized rijndael algorithm
- Implemented sha256 for password hashing
- Implemented ncurses frontend (again)
- Fixed getuid problem so that setting suid flag works now (thanks John)
Download (0.037MB)
Added: 2006-06-16 License: GPL (GNU General Public License) Price:
1229 downloads
Log4sh 1.2.10

The log4sh project is a logging framework for shell scripts that works similarly to the other wonderful logging products available from the Apache Software Foundation (e.g. log4perl, log4j).
Although not as powerful as the others, it can make the task of adding advanced logging to shell scripts easier, and has much more power than just using simple "echo" commands throughout.
In addition, it can be configured from a properties file so that scripts in a production environment do not need to be altered to change the amount of logging they produce.
Enhancements:
- They are now escaped properly for sed.
- The better _log4sh_mktemp() function was backported from the 1.3.x series.
Download (0.034MB)
Added: 2006-04-10 License: GPL (GNU General Public License) Price:
1293 downloads
HTML::Seamstress 4.26

HTML::Seamstress is a HTML::Tree subclass for HTML templating via tree rewriting.

SYNOPSIS

HTML::Seamstress provides "fourth generation" dynamic HTML generation (templating).
In the beginning we had...

First generation dynamic HTML production

First generation dynamic HTML production used server-side includes:

<p>Today's date is <!--#echo var="DATE_LOCAL" --></p>

Second generation dynamic HTML production

The next phase of HTML generation saw embedded HTML snippets in Perl code. For example:

sub header {
    my $title = shift;
    # Print the page head from a here-document, interpolating the title.
    print <<"EOHEADER";
<head>
<title>$title</title>
</head>
EOHEADER
}

Download (0.048MB)
Added: 2006-09-14 License: Perl Artistic License Price:
1135 downloads
Packet filtering setup script

Packet filtering setup script by Anthony C. Zboralski. Adapted by Didi Damian for iptables version 1.0.0

Sample:

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"

# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward

# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules

echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP

CHAINS=`iptables -n -L |perl -n -e '/Chain\s+(\S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "'`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done

for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
# Use the loop variable so that each network gets its own rule.
iptables -D POSTROUTING -t nat -s $net -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $net -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT

# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info \
  --log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info \
  --log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info \
  --log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info \
  --log-prefix "GRE Drop "

iptables -A LDROP -f -j LOG --log-level emerg \
  --log-prefix "FRAG Drop "
iptables -A LDROP -j DROP

# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT


echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT


echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast

echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn -j LDROP

echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done


echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you head for trouble since it would
# break lots of tcp/ip algorithms (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP

echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT

echo Authorize packet output.
iptables --policy OUTPUT ACCEPT

#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT

echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP

echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e '/.*udp\s+(\d+)\s+/ && print $1,"\n"'|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done

echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
984 downloads