filtering not applied empty
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 2352
Packet filtering setup script
Packet filtering setup script by Anthony C. Zboralski. more>>
Packet filtering setup script by Anthony C. Zboralski. Adapted by Didi Damian for iptables version 1.0.0
Sample:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"
# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules
echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
CHAINS=`iptables -n -L |perl -n -e /Chains+(S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done
for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
iptables -D POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT
# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info
--log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info
--log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info
--log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info
--log-prefix "GRE Drop "
iptables -A LDROP -f -j LOG --log-level emerg
--log-prefix "FRAG Drop "
iptables -A LDROP -j DROP
# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT
echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT
echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast
echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn --j LDROP
echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done
echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you head for trouble since it would
# break lots of tcp/ip algorythm (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP
echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT
echo Authorize packet output.
iptables --policy OUTPUT ACCEPT
#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT
echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP
echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e /.*udps+(d+)s+/ && print $1,"n"|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done
echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
<<lessSample:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"
# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules
echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
CHAINS=`iptables -n -L |perl -n -e /Chains+(S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done
for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
iptables -D POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT
# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info
--log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info
--log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info
--log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info
--log-prefix "GRE Drop "
iptables -A LDROP -f -j LOG --log-level emerg
--log-prefix "FRAG Drop "
iptables -A LDROP -j DROP
# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT
echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT
echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast
echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn --j LDROP
echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done
echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you head for trouble since it would
# break lots of tcp/ip algorythm (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP
echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT
echo Authorize packet output.
iptables --policy OUTPUT ACCEPT
#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT
echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP
echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e /.*udps+(d+)s+/ && print $1,"n"|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done
echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
984 downloads
FIR Filter Plugin 1.0.0
The FIR filter Plugin is an effect plugin for XMMS which enables to filter audio data using long FIR filters. more>>
FIR filter Plugin is an effect plugin for XMMS which enables to filter audio data using long FIR (finite impulse response) filters. Typical applications is loudspeaker or room equalization which typically requires filters with more than 300 taps (filter weights).
The FIR filter plugin uses the fftw3 library to perform the filtering using the overlap-and-add method. If fftw3 is not available the plugin will perform the filtering (convolution) in the time-domain which is much less efficient for long filters.
<<lessThe FIR filter plugin uses the fftw3 library to perform the filtering using the overlap-and-add method. If fftw3 is not available the plugin will perform the filtering (convolution) in the time-domain which is much less efficient for long filters.
Download (0.20MB)
Added: 2006-04-05 License: GPL (GNU General Public License) Price:
1299 downloads
Nagios Appender 1.2.0b
NagiosAppender is a pure Java implementation of a Log4j appender. more>>
NagiosAppender is a pure Java implementation of a Log4j appender that allows the developer/administrator to send log records to Nagios via the NCSA server (using the push model).
Nagios Appender project provides a simple solution for developers/administrators whose only alternative is to implement a polling function against against the output of a standard Log4j appender. The log4j configuration file provides for user-specific mappings between Log4j levels and Nagios levels.
The configuration file also allows the user to select whether to set the Nagios service and host programmatically via Log4j MDC, or via the config file. Later releases support XOR encryption.
Enhancements:
- It is now possible to define inclusion and exlusion regex filters which are applied against the raw message body.
- These filters can be tailored to allow you to cherry pick exactly the messages you want forwarded and those you do not.
<<lessNagios Appender project provides a simple solution for developers/administrators whose only alternative is to implement a polling function against against the output of a standard Log4j appender. The log4j configuration file provides for user-specific mappings between Log4j levels and Nagios levels.
The configuration file also allows the user to select whether to set the Nagios service and host programmatically via Log4j MDC, or via the config file. Later releases support XOR encryption.
Enhancements:
- It is now possible to define inclusion and exlusion regex filters which are applied against the raw message body.
- These filters can be tailored to allow you to cherry pick exactly the messages you want forwarded and those you do not.
Download (0.067MB)
Added: 2007-04-11 License: GPL (GNU General Public License) Price:
927 downloads
XML::Filter::DocSplitter 0.41
XML::Filter::DocSplitter does multipass processing of documents. more>>
XML::Filter::DocSplitter does multipass processing of documents.
SYNOPSIS
## See XML::SAX::???? for an easier way to use this filter.
use XML::SAX::Machines qw( Machine ) ;
my $m = Machine(
[ Intake => "XML::Filter::DocSplitter" => qw( Filter ) ],
[ Filter => "My::Filter" => qw( Merger ) ],
[ Merger => "XML::Filter::Merger" => qw( Output ) ],
[ Output => *STDOUT ],
);
## Let the distributor coordinate with the merger
## XML::SAX::Manifold does this for you.
$m->Intake->set_aggregator( $m->Merger );
$m->parse_file( "foo" );
XML::Filter::DocSplitter is a SAX filter that allows you to apply a filter to repeated sections of a document. It splits a document up at a predefined elements in to multiple documents and the filter is run on each document. The result can be left as a stream of separate documents or combined back in to a single document using a filter like XML::SAX::Merger.
By default, the input document is split in all children of the root element. By that reckoning, this document has three sub-documents in it:
< doc >
< subdoc > .... < /subdoc >
< subdoc > .... < /subdoc >
< subdoc > .... < /subdoc >
< /doc >
When using without an aggregator, all events up to the first record are lost; with an aggregator, they are passed directly in to the aggregator as the "first" document. All elements between the records (the "n " text nodes, in this case) are also passed directly to the merger (these will arrive between the end_document and start_document calls for each of the records), as are all events from the last record until the end of the input document. This means that the first document, as seen by the merger, is incomplete; its missing its end_element, which is passed later.
The approach of passing events from the input document right on through to the merger differs from the way XML::Filter::Distributor works.
Version restrictions:
- Can only feed a single aggregator at the moment. I can fix this with a bit of effort.
<<lessSYNOPSIS
## See XML::SAX::???? for an easier way to use this filter.
use XML::SAX::Machines qw( Machine ) ;
my $m = Machine(
[ Intake => "XML::Filter::DocSplitter" => qw( Filter ) ],
[ Filter => "My::Filter" => qw( Merger ) ],
[ Merger => "XML::Filter::Merger" => qw( Output ) ],
[ Output => *STDOUT ],
);
## Let the distributor coordinate with the merger
## XML::SAX::Manifold does this for you.
$m->Intake->set_aggregator( $m->Merger );
$m->parse_file( "foo" );
XML::Filter::DocSplitter is a SAX filter that allows you to apply a filter to repeated sections of a document. It splits a document up at a predefined elements in to multiple documents and the filter is run on each document. The result can be left as a stream of separate documents or combined back in to a single document using a filter like XML::SAX::Merger.
By default, the input document is split in all children of the root element. By that reckoning, this document has three sub-documents in it:
< doc >
< subdoc > .... < /subdoc >
< subdoc > .... < /subdoc >
< subdoc > .... < /subdoc >
< /doc >
When using without an aggregator, all events up to the first record are lost; with an aggregator, they are passed directly in to the aggregator as the "first" document. All elements between the records (the "n " text nodes, in this case) are also passed directly to the merger (these will arrive between the end_document and start_document calls for each of the records), as are all events from the last record until the end of the input document. This means that the first document, as seen by the merger, is incomplete; its missing its end_element, which is passed later.
The approach of passing events from the input document right on through to the merger differs from the way XML::Filter::Distributor works.
Version restrictions:
- Can only feed a single aggregator at the moment. I can fix this with a bit of effort.
Download (0.042MB)
Added: 2007-08-17 License: Perl Artistic License Price:
798 downloads
Content Filtering Proxy SafeSquid 4.2.2.RC8.2
CONTENT FILTERING PROXY SERVER, WEB FILTER, INTERNET FILTER, REAL-TIME FILTER more>> SafeSquid is a Content Filtering Proxy Server - BROWSER BASED INTERFACE, VERY FAST THROUGHPUT, DNS CACHING, CONTENT CACHING, PREFETCHING, BANDWIDTH CONTROL, VIRUS SCAN, Source, Target & Time based GRANULAR FireWall style rules to allow / deny content like music, videos, flash & java applets, messengers, chats, cookies, activex, scripts, etc. REMOTE AUTHENTICATION, REAL-TIME TEXT & IMAGE ANALYSIS for blocking PORNOGRAPHY. LIVE REMOTE SUPPORT.<<less
Download (1014KB)
Added: 2009-04-17 License: Freeware Price: $na
205 downloads
Content Filtering Proxy SafeSquid 4.2.2.RC8.9
Content filtering proxy server - BROWSER BASED INTERFACE, VERY FAST THROUGHPUT, DNS CACHING, CONTENT CACHING, PREFETCHING, BANDWIDTH CONTROL, VIRUS SCAN, WEB FILTERING, REAL-TIME TEXT & IMAGE ANALYSIS more>>
SafeSquid is a Content Filtering Proxy Server. SafeSquid has a BROWSER BASED INTERFACE. SafeSquid offers arguably, worlds biggest set of Content Filtering features.
SafeSquids multi-threaded architecture, delivers industrys FASTEST THROUGHPUT, even while providing extreme content analysis and security. SafeSquid has an intelligent DNS cache, an extremely manageable content CACHING system, and configurable content pre-fetching that allows fast browsing of often viewed web-sites.
SafeSquid lets you create unlimited and extremely granular Internet Policies to define and deal with unlimited number of unique factors depending upon user / network / web-site / mime-type / size / time etc. SafeSquid allows you to create unlimited number of policies for allowing or BLOCKING SPECIFIC CONTENT, like music, ActiveX, JavaScripts, advertisement banners, etc., and even any part of the protocol header to ensure graded exchange of private information, from each web-site. Real-time text analysis and Image analysis besides categorized web-site databases ensure complete blocking of PORNOGRAPHY or replacing specific parts.
Users can be authenticated from a remote WINDOWS ADS / OpenLDAP servers. SafeSquid lets you, to THROTTLE SPEED for low priority users or applications. You can use a variety of ANTIVIRUS Software like ClamAV and any other ICAP based antivirus to stop viruses before they reach the client systems. SafeSquid allows you to customize the various templates, that are displayed when access or content is denied to the user. SafeSquids logs can be analyse to create a exhaustive USER ACTIVITY REPORTS.
It takes less than 3 minutes to install SafeSquid on a Linux based server. SafeSquid is backed by a very responsive and committed customer support. SUPPORT INCLUDES REMOTE LIVE-HAND-HOLDING. Various SafeSquid editions are available to serve small 20 user networks or thousands of concurrent users. SafeSquid has special features for use in CLUSTERS.
Requirements: Linux, kernel 2.6 or higher
Whats new in this version: http://www.safesquid.com/html/viewforum.php?f=293
<<less Download (1.04MB)
Added: 2009-04-09 License: Freeware Price: $0.00
204 downloads
BFilter 1.1
BFilter is a smart filtering HTTP proxy. more>>
BFilter is a filtering web proxy. BFilter was originally intended for removing banner ads only, but at some point it has been extended to remove popups and webbugs. It cant be used as a general purpose filtering proxy because it was never intended this way.
For example you cant just block an arbitary object, you can only hint the ad detector in its decision making.
The main advantage BFilter has over the similar tools is its heuristic ad detection algorithm. The traditional blocklist-based approach is also implemented, but its mostly used for dealing with false positives.
Unlike other tools that require constant updates of their blocklists, BFilter manages to remove over 90% of ads even with an empty blocklist!
The javascript generated ads are not a problem for BFilter, as it has a javascript engine to combat them.
BFilter is expected work with any browser that supports proxies (nearly any browser does), and can forward requests to another HTTP proxy.
BFilter is written in C++ and is distributed under the GNU GPL.
Main features:
- HTTP/0.9 - HTTP/1.1 support.
- Persistent connections (HTTP/1.1 only).
- Pipelining (HTTP/1.1 only).
- HTTP compression.
- Forwarding to another proxy.
- All processing is done on the fly. It doesnt load the whole page or image before processing.
- Heuristic and regex-based approaches to detect ads.
- Detects and removes image, iframe, flash ads, popups and webbugs.
- A javascript engine to combat js-generated ads and popups.
- Heuristic analyzing of images and Flash files.
Enhancements:
- BFilter now caches external scripts it fetches for analyzing.
- Filtering accuracy was improved.
- Added a workaround for "Error decompressing response" problem with Opera and some websites.
- JavaScript engine was updated.
<<lessFor example you cant just block an arbitary object, you can only hint the ad detector in its decision making.
The main advantage BFilter has over the similar tools is its heuristic ad detection algorithm. The traditional blocklist-based approach is also implemented, but its mostly used for dealing with false positives.
Unlike other tools that require constant updates of their blocklists, BFilter manages to remove over 90% of ads even with an empty blocklist!
The javascript generated ads are not a problem for BFilter, as it has a javascript engine to combat them.
BFilter is expected work with any browser that supports proxies (nearly any browser does), and can forward requests to another HTTP proxy.
BFilter is written in C++ and is distributed under the GNU GPL.
Main features:
- HTTP/0.9 - HTTP/1.1 support.
- Persistent connections (HTTP/1.1 only).
- Pipelining (HTTP/1.1 only).
- HTTP compression.
- Forwarding to another proxy.
- All processing is done on the fly. It doesnt load the whole page or image before processing.
- Heuristic and regex-based approaches to detect ads.
- Detects and removes image, iframe, flash ads, popups and webbugs.
- A javascript engine to combat js-generated ads and popups.
- Heuristic analyzing of images and Flash files.
Enhancements:
- BFilter now caches external scripts it fetches for analyzing.
- Filtering accuracy was improved.
- Added a workaround for "Error decompressing response" problem with Opera and some websites.
- JavaScript engine was updated.
Download (1.0MB)
Added: 2007-07-30 License: GPL (GNU General Public License) Price:
901 downloads
Ignorance 2.2
Ignorance is a flexible, powerful content filtering plugin for Gaim. more>>
Ignorance is a content filtering plugin for Gaim. If you love Gaim for chat, but find yourself missing the filtering features of clients like zinc, then Ignorance is for you!
<<less Download (0.22MB)
Added: 2005-10-21 License: GPL (GNU General Public License) Price:
1463 downloads
Safesquid Content Filtering Proxy 4.2.2.RC7
Antivirus and content filtering proxy server more>> Safesquid is an antivirus and content filtering proxy server. It has many advanced features like URL blacklists, bandwidth management, regular expression substitution on Website content and requested URLs, ICP and CARP support to interoperate with other proxy servers, configuration synchronization to ease management of proxy servers in a cluster, ICAP support to use third-party content adaptation software, image and link prefetching, HTTP and FTP content caching, NTLM and Basic authentication, and an intutive Web interface to configure the proxy server.<<less
Download (724KB)
Added: 2009-04-19 License: Freeware Price: Free
236 downloads
Sax Filter 1.4
Sax Filter is a modular set of filters that can be used to process XML documents via Javas SAX support. more>>
Sax Filter is a modular set of filters that can be used to process XML documents via Javas SAX support.
Currently, the filters only process content (the ContentHandler interface).
<<lessCurrently, the filters only process content (the ContentHandler interface).
Download (0.048MB)
Added: 2006-12-24 License: GPL (GNU General Public License) Price:
1035 downloads
RubyFilter 0.12
RubyFilter provides a Ruby email filtering program and library. more>>
RubyFilter provides a Ruby email filtering program and library.
RubyFilter is a Ruby email filtering program that can serve as a replacement for email delivery programs such as procmail.
It is also a Ruby module which provides classes that make it easy to write programs that filter and deliver email.
<<lessRubyFilter is a Ruby email filtering program that can serve as a replacement for email delivery programs such as procmail.
It is also a Ruby module which provides classes that make it easy to write programs that filter and deliver email.
Download (0.059MB)
Added: 2007-04-17 License: BSD License Price:
921 downloads
Filter::Simple::Compile 0.02
Filter::Simple::Compile is a drop-in replacement to Filter::Simple. more>>
Filter::Simple::Compile is a drop-in replacement to Filter::Simple.
SYNOPSIS
Drop-in replacement for Filter::Simple:
package MyFilter;
use Filter::Simple::Compile;
FILTER { ... };
This way also works:
use Filter::Simple::Compile sub { ... };
This module lets you write Module::Compile extensions that are compatible with Filter::Simples API.
Additionally, no Filter::Simple::Compile does the same thing as use Filter::Simple::Compile, except the meaning for use and no will be reversed for your filter:
package MyFilter;
no Filter::Simple::Compile sub { ... }
# "no MyFilter" begins filtering
# "use MyFilter" terminates it
<<lessSYNOPSIS
Drop-in replacement for Filter::Simple:
package MyFilter;
use Filter::Simple::Compile;
FILTER { ... };
This way also works:
use Filter::Simple::Compile sub { ... };
This module lets you write Module::Compile extensions that are compatible with Filter::Simples API.
Additionally, no Filter::Simple::Compile does the same thing as use Filter::Simple::Compile, except the meaning for use and no will be reversed for your filter:
package MyFilter;
no Filter::Simple::Compile sub { ... }
# "no MyFilter" begins filtering
# "use MyFilter" terminates it
Download (0.013MB)
Added: 2007-02-12 License: Perl Artistic License Price:
984 downloads
squid-filter 0.9
squid-filter project was designed to build filtering capabilities comparable to those of Muffin into Squid. more>>
squid-filter project was designed to build filtering capabilities comparable to those of Muffin into Squid. It consists of
a patch to Squid, containing a module loader and filtering hooks, and a set of filter modules.
Currently available filters:
- Redirection of URIs.
- Rejection of certain (configurable) MIME content types.
- Suppression of cookies.
- Removal of Javascript and ActiveX.
- Breaking of GIF animation loops.
- Detection of 1x1 images.
Main features:
- Modular, easily extensible by writing new filters.
- Flexible configuration. Filters are independent from each other.
- Each filter can take a list of URIs which should not be filtered (allow list). URIs are specified as full regular expressions.
- Client can choose to bypass filters case-by-case.
- Filtering keeps Content-Length where possible.
Purpose
A filtering proxy allows users to remove unwanted stuff from Web pages as they browse them. What "unwanted stuff" is obviously depends on the individual user, but things which are commonly regarded as annoyances include
banner ads, user behaviour tracking via cookies,
animated pictures, JavaScript, VBScript, ActiveX (dangerous as well as annoying).
Some of those things can be avoided by filtering URIs, which Squid can already do via an external redirect program. Others require a content filter.
Usually, a filtering proxy runs standalone and does nothing but filtering. Users have to configure this proxy in their browsers, and if they use a caching proxy too, chain them after the filter. In situations where the user runs Squid anyway (mostly because of caching for different browsers or a small LAN), it is convenient to build this capability into Squid.
<<lessa patch to Squid, containing a module loader and filtering hooks, and a set of filter modules.
Currently available filters:
- Redirection of URIs.
- Rejection of certain (configurable) MIME content types.
- Suppression of cookies.
- Removal of Javascript and ActiveX.
- Breaking of GIF animation loops.
- Detection of 1x1 images.
Main features:
- Modular, easily extensible by writing new filters.
- Flexible configuration. Filters are independent from each other.
- Each filter can take a list of URIs which should not be filtered (allow list). URIs are specified as full regular expressions.
- Client can choose to bypass filters case-by-case.
- Filtering keeps Content-Length where possible.
Purpose
A filtering proxy allows users to remove unwanted stuff from Web pages as they browse them. What "unwanted stuff" is obviously depends on the individual user, but things which are commonly regarded as annoyances include
banner ads, user behaviour tracking via cookies,
animated pictures, JavaScript, VBScript, ActiveX (dangerous as well as annoying).
Some of those things can be avoided by filtering URIs, which Squid can already do via an external redirect program. Others require a content filter.
Usually, a filtering proxy runs standalone and does nothing but filtering. Users have to configure this proxy in their browsers, and if they use a caching proxy too, chain them after the filter. In situations where the user runs Squid anyway (mostly because of caching for different browsers or a small LAN), it is convenient to build this capability into Squid.
Download (0.046MB)
Added: 2007-01-25 License: Public Domain Price:
1008 downloads
Hook::Filter 0.02
Hook::Filter is a runtime filtering layer on top of subroutine calls. more>>
Hook::Filter is a runtime filtering layer on top of subroutine calls.
SYNOPSIS
Imagine you have a big program using a logging library that exports 3 functions called mydebug, myinfo and mywarn. Those functions generate far too much log, so you want to skip calling them except in some specific circumstances.
In your main program, write:
use Hook::Filter hook => ["mydebug","myinfo","mywarn"];
In all modules making use of the logging library, write:
use Hook::Filter;
Then create a file called ./hook_filter.rules. This file contains boolean expressions that specify when calls to the filtered subroutines should be allowed:
# allow calls to mydebug only inside package My::Filthy:Attempt
is_sub(mydebug) && from_pkg(My::Filthy::Attempt)
# allow all calls to myinfo except from inside packages under the namespace My::Test::
is_sub(myinfo) && !from_pkg(/^My::Test/)
# allow calls to mywarn from function do_stuff in package main
# whose third argument is a message that does not match the string invalid login name
is_sub(mywarn) && from_sub(do_stuff) && from_pkg(main) && !has_arg(3,/invalid login name/)
# all other calls to myinfo, mydebug or mywarn will be skipped
SYNOPSIS, Log::Dispatch
Your program uses Log::Dispatch. You want to enable Hook::Filter on top of the methods log and log_to from Log::Dispatch everywhere at once. And you want to use the filter rules located in /etc/myconf/filter_rules.conf. Easy: in main, write:
use Hook::Filter rules => /etc/myconf/filter_rules.conf, hook => [Log::Dispatch::log,Log::Dispatch::log_to];
<<lessSYNOPSIS
Imagine you have a big program using a logging library that exports 3 functions called mydebug, myinfo and mywarn. Those functions generate far too much log, so you want to skip calling them except in some specific circumstances.
In your main program, write:
use Hook::Filter hook => ["mydebug","myinfo","mywarn"];
In all modules making use of the logging library, write:
use Hook::Filter;
Then create a file called ./hook_filter.rules. This file contains boolean expressions that specify when calls to the filtered subroutines should be allowed:
# allow calls to mydebug only inside package My::Filthy:Attempt
is_sub(mydebug) && from_pkg(My::Filthy::Attempt)
# allow all calls to myinfo except from inside packages under the namespace My::Test::
is_sub(myinfo) && !from_pkg(/^My::Test/)
# allow calls to mywarn from function do_stuff in package main
# whose third argument is a message that does not match the string invalid login name
is_sub(mywarn) && from_sub(do_stuff) && from_pkg(main) && !has_arg(3,/invalid login name/)
# all other calls to myinfo, mydebug or mywarn will be skipped
SYNOPSIS, Log::Dispatch
Your program uses Log::Dispatch. You want to enable Hook::Filter on top of the methods log and log_to from Log::Dispatch everywhere at once. And you want to use the filter rules located in /etc/myconf/filter_rules.conf. Easy: in main, write:
use Hook::Filter rules => /etc/myconf/filter_rules.conf, hook => [Log::Dispatch::log,Log::Dispatch::log_to];
Download (0.015MB)
Added: 2006-10-20 License: Perl Artistic License Price:
1099 downloads
Yet Another Filter Proxy 0.1.1
Yet Another Filter Proxy project is a preforking, banner filtering, content scanning Perl proxy. more>>
Yet Another Filter Proxy project is a preforking, banner filtering, content scanning Perl proxy.
Yet Another Filter Proxy is a proxy to filter out advertising banners and malicious script code from web sites. It is written in Perl and based on an example by Randal L. Schwartz.
For performance reasons it uses preforking to spawn several processes of itself (like Apache does).
Unlike other available proxies (such as Junkbuster), it does blocking by Perl regular expressions on the site content, which allows you to block JavaScript and popups, in addition to normal ads.
Run perldoc yafp.pl for full readme!
<<lessYet Another Filter Proxy is a proxy to filter out advertising banners and malicious script code from web sites. It is written in Perl and based on an example by Randal L. Schwartz.
For performance reasons it uses preforking to spawn several processes of itself (like Apache does).
Unlike other available proxies (such as Junkbuster), it does blocking by Perl regular expressions on the site content, which allows you to block JavaScript and popups, in addition to normal ads.
Run perldoc yafp.pl for full readme!
Download (0.027MB)
Added: 2007-03-02 License: GPL (GNU General Public License) Price:
973 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above filtering not applied empty search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
