packet tracer
Results 1 - 15 of about 592
packETH 1.4
packETH is a Linux GUI packet generator tool for ethernet. The project allows you to create and send any possible packet or sequence of packets on the ethernet.
Main features:
You can create and send any ethernet packet. Supported protocols:
- ethernet II, ethernet 802.3, 802.1q, QinQ
- ARP, IPv4, user defined network layer payload
- UDP, TCP, ICMP, IGMP, user defined transport layer payload
- RTP (payload with options to send a sine wave of any frequency for G.711)
Sending a sequence of packets:
- delay between packets, number of packets to send
- sending at maximum speed, approaching the theoretical boundary
- change parameters while sending (change IP and MAC address, UDP payload, 2 user defined bytes, etc.)
Saving the configuration to a text file and loading it back.
Enhancements:
- new features
Download (0.13MB)
Added: 2007-02-19 License: GPL (GNU General Public License) Price:
980 downloads
Beesoft Tracer 0.04
Beesoft Tracer is a suite of tools for remote debugging of a running program. All elements are written in pure C++ using the STL. The elements communicate via sockets: a Unix domain socket and TCP/IP.
Elements of the Beesoft Tracer system:
The whole process uses three applications:
1) the debugged program, which sends information about its own state to the server,
2) the trace server, named tracesrv, which collects all information coming from the debugged program. The information can be sent to one client program, if one is connected,
3) the trace client, which receives information from the trace server and displays it in text mode. A GUI client is already in development and will be available soon.
Advantages of the system:
- the debugged program runs only slightly slower than normal while sending all the debugging information the programmer needs. The information is sent to the server via a Unix domain socket.
- the client program, which displays the received information, can run on another computer (a remote host) or on the same one. The information is received via TCP/IP.
How can you use it?
To debug a remote program you need to:
1) download the source code of Beesoft Tracer to disk,
2) build the library libbstrace and the programs tracesrv and tracecli (use make),
3) add the appropriate macros to the source code of the program to be debugged (the macros are defined in the header file Tracer.h) and link the static library libbstrace.a at compile time.
After that you are ready for debugging!
To run the debugging environment:
1) start the following programs, which must run on the same machine:
a) first tracesrv,
b) then the debugged program (for testing, the package includes the program example),
2) on a remote machine or on the same machine, start the client tracecli.
The package also contains the source code of the example program, which shows the correct use of the necessary macros.
Download (0.044MB)
Added: 2007-07-29 License: GPL (GNU General Public License) Price:
817 downloads
Packet Garden 1.0pre5
Packet Garden is a project that allows you to grow a world from network traffic.
Packet Garden captures information about how you use the internet and uses this stored information to grow a private world you can later explore.
To do this, Packet Garden takes note of all the servers you visit, their geographical location and the kinds of data you access.
Uploads make hills and downloads make valleys, their location determined by numbers taken from the internet address itself.
The size of each hill or valley is based on how much data is sent or received.
Plants are also grown for each protocol detected by the software; if you visit a website, an HTTP plant is grown. If you share some files via eMule, a Peer to Peer plant is grown, and so on.
Download (2.5MB)
Added: 2007-01-16 License: GPL (GNU General Public License) Price:
1015 downloads
Packet Excalibur 1.0.2
Packet Excalibur is a multi-platform graphical and scriptable network packet engine with extensible text-based protocol descriptions. It is a network tool designed to build and receive custom packets from network.
Pen testing firewalls, routers, or any network-enabled equipment. Validating your custom-built protocols without the burden of writing lines of code. Teaching yourself how protocols work and interact with each other.
Download the install package (PacketExcalibur_*.*_linux_tgz)
Unzip and untar the archive, run "make" in the "PacketExcalibur_*/main" directory,
- binaries are installed in /usr/sbin
- support packages are installed in /var/cache/excalibur
- preference file is created in the user home directory
Download (1.8MB)
Added: 2006-07-04 License: GPL (GNU General Public License) Price:
1259 downloads
Optical Ray Tracer 1.0
OpticalRayTracer is a free Linux utility that analyzes systems of lenses. It is X Window GUI-based.
It uses optical principles and a virtual optical bench to predict the behavior of many kinds of ordinary and exotic lens types. OpticalRayTracer includes an advanced, easy-to-use interface that allows the user to rearrange the optical configuration by simply dragging lenses around using the mouse.
OpticalRayTracer fully analyzes lens optical properties, including refraction and dispersion. The dispersion display uses color-coded light beams, as shown above, to simplify interpretation of the results.
Educators take note: OpticalRayTracer has significant educational potential in the teaching of basic optical principles, and it has some entertaining and game-like behaviors to hold the students' attention.
OpticalRayTracer includes a detailed tutorial/help file to assist the user in getting started in this interesting activity.
Installation:
Put it in any convenient location.
$ tar -xjf raytracer.tar.bz2
$ cd raytracer.dist
$ ./auto_install.sh
If you don't want the automatic installation or you want to fine-tune the process, instead of running "auto_install.sh", after the unpacking step above, do this:
$ make -f Makefile.cvs dist
$ ./configure
$ make
$ sudo make install
Obviously you may want to modify some of these steps to suit your platform.
Download (0.38MB)
Added: 2005-11-14 License: GPL (GNU General Public License) Price:
1442 downloads
deja-packet 1.0
deja-packet transmits raw packets through a specified interface.
Usage: ./deja-packet -pcap < libpcap capture file > < interface name >
or: ./deja-packet -raw < raw packet file > < interface name >
Note: you must be root to successfully transmit packets with deja-packet due to the Linux security restrictions with raw sockets.
In the [-p]cap mode, deja-packet transmits selected packets from a libpcap capture file (such as one created by Ethereal/Wireshark, or tcpdump). In the [-r]aw mode, deja-packet transmits the raw contents of a file as one whole packet.
The [-p]cap mode is interactive: the user will be continuously prompted to select which packet from the libpcap capture file to transmit, until the “q” character is encountered, where the program will quit.
Example pcap mode:
$ sudo ./deja-packet -p icmp_ping.pcap eth0
Select packet number (1 to 6) for transmission or q for quit: 1
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 2
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 5
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 6
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: q
$
In the [-r]aw mode, deja-packet exits immediately after the attempted transmission is complete (allows deja-packet to be easily used with a script).
Example raw mode:
$ sudo ./deja-packet -r samplepacket eth0
Successfully transmitted packet!
$
icmp_ping.pcap is included as a sample libpcap capture file.
To compile deja-packet, simply use the command “make”.
deja-packet remains Linux-only because it requires PF_PACKET sockets.
This project is released under the GNU General Public License version 2.
Download (0.004MB)
Added: 2007-07-04 License: GPL (GNU General Public License) Price:
847 downloads
NetPacket::TCP 0.04
NetPacket::TCP is a Perl module to assemble and disassemble TCP (Transmission Control Protocol) packets.
SYNOPSIS
use NetPacket::TCP;
$tcp_obj = NetPacket::TCP->decode($raw_pkt);
$tcp_pkt = NetPacket::TCP->encode($ip_pkt);
$tcp_data = NetPacket::TCP::strip($raw_pkt);
NetPacket::TCP provides a set of routines for assembling and disassembling packets using TCP (Transmission Control Protocol).
Methods
NetPacket::TCP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::TCP->encode($ip_obj)
Return a TCP packet encoded with the instance data specified. Needs parts of the ip header contained in $ip_obj in order to calculate the TCP checksum.
Functions
NetPacket::TCP::strip([RAW PACKET])
Return the encapsulated data (or payload) contained in the TCP packet. This data is suitable to be used as input for other NetPacket::* modules.
This function is equivalent to creating an object using the decode() constructor and returning the data field of that object.
Instance data
The instance data for the NetPacket::TCP object consists of the following fields.
src_port
The source TCP port for the packet.
dest_port
The destination TCP port for the packet.
seqnum
The TCP sequence number for this packet.
acknum
The TCP acknowledgement number for this packet.
hlen
The header length for this packet.
reserved
The 6-bit "reserved" space in the TCP header.
flags
Contains the urg, ack, psh, rst, syn, fin, ece and cwr flags for this packet.
winsize
The TCP window size for this packet.
cksum
The TCP checksum.
urg
The TCP urgent pointer.
options
Any TCP options for this packet in binary form.
data
The encapsulated data (payload) for this packet.
Download (0.011MB)
Added: 2007-02-28 License: Perl Artistic License Price:
971 downloads
NetPacket::ARP 0.04
NetPacket::ARP is a Perl module to assemble and disassemble ARP (Address Resolution Protocol) packets.
SYNOPSIS
use NetPacket::ARP;
$tcp_obj = NetPacket::ARP->decode($raw_pkt);
$tcp_pkt = NetPacket::ARP->encode(params...); # Not implemented
NetPacket::ARP provides a set of routines for assembling and disassembling packets using ARP (Address Resolution Protocol).
Methods
NetPacket::ARP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::ARP->encode(param => value)
Return an ARP packet encoded with the instance data specified. Not implemented.
Functions
NetPacket::ARP::strip([RAW PACKET])
Return the encapsulated data (or payload) contained in the ARP packet. Since no payload data is encapsulated in an ARP packet (only instance data), this function returns undef.
Instance data
The instance data for the NetPacket::ARP object consists of the following fields.
htype
Hardware type.
proto
Protocol type.
hlen
Header length.
plen
Protocol length.
opcode
One of the following constants:
ARP_OPCODE_REQUEST
ARP_OPCODE_REPLY
RARP_OPCODE_REQUEST
RARP_OPCODE_REPLY
sha
Source hardware address.
spa
Source protocol address.
tha
Target hardware address.
tpa
Target protocol address.
Download (0.011MB)
Added: 2007-03-08 License: Perl Artistic License Price:
968 downloads
Packet Debugger 0.1 Beta
Packet Debugger presents a debugger-like UI for pcap packet capture files.
The Packet Debugger (pdb) allows users to work with packet streams as if they were working with a source code debugger.
Users can list, inspect, modify, and retransmit any packet from captured files, as well as work with live packet captures.
Download (0.15MB)
Added: 2007-01-20 License: BSD License Price:
1010 downloads
Packet Construction Set 0.5 Beta
Packet Construction Set is a set of Python modules and objects that make building network protocol code easier for the protocol developer.
The core of the system is the pcs module itself which provides the necessary functionality to create classes that implement packets.
Installation Instructions for Packet Construction Set (PCS)
PCS follows the normal Python conventions for building and installing and there is very little, if any, magic. To install the library and the associated packet classes into your system do:
> python setup.py install < return >
To test your installation do:
> cd tests/ < return >
> python *.py
Some tests fail if you do not have enough privileges to work with the Berkeley Packet Filter. If you wish to run those tests run them using sudo.
To build the documentation you will need pdflatex and a BSD version of make installed. Go into the docs directory and build the documentation:
> cd docs/ < return >
> bsdmake all
You will see PDF versions of the docs.
Enhancements:
- Move my version of Doug Song's Python pcap library into the package.
- Update the Makefile to make sure that we install correctly no matter what target is selected.
Download (0.36MB)
Added: 2007-03-22 License: BSD License Price:
947 downloads
Stone TCP/IP packet repeater 2.3c
Stone is an application layer TCP/IP packet repeater. It repeats TCP and UDP packets from the inside of a firewall to the outside or vice versa.
It is simple, supports OpenSSL for encrypting and decrypting packets, performing client and server verification, and sending a substring of the certificate subject to the destination, can operate as an HTTP proxy, and performs POP to APOP conversion. It also supports IPv6 and can convert between IPv4 and IPv6.
Download (0.082MB)
Added: 2006-09-30 License: GPL (GNU General Public License) Price:
1125 downloads
Packet filtering setup script
Packet filtering setup script by Anthony C. Zboralski. Adapted by Didi Damian for iptables version 1.0.0
Sample:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"
# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules
echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
CHAINS=`iptables -n -L | perl -n -e '/Chain\s+(\S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "'`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done
for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
iptables -D POSTROUTING -t nat -s $net -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $net -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT
# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info \
--log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info \
--log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info \
--log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info \
--log-prefix "GRE Drop "
iptables -A LDROP -f -j LOG --log-level emerg \
--log-prefix "FRAG Drop "
iptables -A LDROP -j DROP
# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT
echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT
echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast
echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn -j LDROP
echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done
echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you are heading for trouble, since it would
# break lots of TCP/IP algorithms (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP
echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT
echo Authorize packet output.
iptables --policy OUTPUT ACCEPT
#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT
echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP
echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e '/.*udp\s+(\d+)\s+/ && print $1,"\n"'|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done
echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
984 downloads
fairly fast packet filter 1.5.0
The fairly fast packet filter (FFPF) is an approach to network packet processing that adds many new features to existing filtering solutions like BPF.
FFPF is designed for high speed by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
By providing both access to richer programming languages and explicit extensibility, it is also considerably more flexible than existing approaches.
FFPF provides a complete solution for network monitoring that caters to all applications available today. Exploiting its extensibility, the language can even be used as a meta-filter to "script together" filters from other approaches, such as BPF.
Main features:
- fast: processes significantly more packets per second than LSF (reference)
- scalable: transparently supports hardware assist, like that given by the Intel IXP2x00 network processors
- backward compatible: supports all existing libpcap based applications
- extensible: separates functionality from the framework. FFPF currently ships with implementations of BPF, Aho Corasick, Boyer Moore Horspool, and many more
- modular: new functions can be written in as little as 3 lines of code
- secure: relies on Keynote for authentication and resource control
- open and standard adherent: licensed under the GNU General Public License (GPL). It implements the Monitoring API (MAPI) draft as designed by the EU-SCAMPI consortium
Enhancements:
- enabled kernelspace processing
- enabled all 5 buffer implementations (Continuous, Fixed-size slot, Variable sized slot, Double ring and Index)
- added TCP stream reassembly and early implementation of zero-copy reassembly
- added PCAP input and output support, for userspace testing and offline use
- added additional minor functions: TCP Synprotect, output to files, ...
- added support for UDEV
- extended controlplane: flowspaces can now be queried for live state
- fixed up many bugs, hacks and irregularities.
Download (0.60MB)
Added: 2006-02-20 License: GPL (GNU General Public License) Price:
1342 downloads
RADIUS::Packet 1.0
RADIUS::Packet is an object-oriented Perl interface to RADIUS packets.
SYNOPSIS
use RADIUS::Packet;
use RADIUS::Dictionary;
my $d = new RADIUS::Dictionary "/etc/radius/dictionary";
my $p = new RADIUS::Packet $d, $data;
$p->dump;
if ($p->attr('User-Name') eq "lwall") {
    my $resp = new RADIUS::Packet $d;
    $resp->set_code('Access-Accept');
    $resp->set_identifier($p->identifier);
    $resp->set_authenticator($p->authenticator);
    $resp->set_attr('Reply-Message', "Welcome, Larry!\r\n");
    my $respdat = auth_resp($resp->pack, "mysecret");
    ...
}
RADIUS (RFC2138) specifies a binary packet format which contains various values and attributes. RADIUS::Packet provides an interface to turn RADIUS packets into Perl data structures and vice-versa.
RADIUS::Packet does not provide functions for obtaining RADIUS packets from the network. A simple network RADIUS server is provided as an example at the end of this document. Also, a RADIUS::Server module is under development which will simplify the interface.
Download (0.042MB)
Added: 2007-04-11 License: Perl Artistic License Price:
931 downloads
NetPacket::IP 0.04
NetPacket::IP is a Perl module to assemble and disassemble IP (Internet Protocol) packets.
SYNOPSIS
use NetPacket::IP;
$ip_obj = NetPacket::IP->decode($raw_pkt);
$ip_pkt = NetPacket::IP->encode($ip_obj);
$ip_data = NetPacket::IP::strip($raw_pkt);
NetPacket::IP provides a set of routines for assembling and disassembling packets using IP (Internet Protocol).
Methods
NetPacket::IP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::IP->encode()
Return an IP packet encoded with the instance data specified. This will infer the total length of the packet automatically from the payload length and also adjust the checksum.
Functions
NetPacket::IP::strip([RAW PACKET])
Return the encapsulated data (or payload) contained in the IP packet. This data is suitable to be used as input for other NetPacket::* modules.
This function is equivalent to creating an object using the decode() constructor and returning the data field of that object.
Instance data
The instance data for the NetPacket::IP object consists of the following fields.
ver
The IP version number of this packet.
hlen
The IP header length of this packet.
flags
The IP header flags for this packet.
foffset
The IP fragment offset for this packet.
tos
The type-of-service for this IP packet.
len
The length (including length of header) in bytes for this packet.
id
The identification (sequence) number for this IP packet.
ttl
The time-to-live value for this packet.
proto
The IP protocol number for this packet.
cksum
The IP checksum value for this packet.
src_ip
The source IP address for this packet in dotted-quad notation.
dest_ip
The destination IP address for this packet in dotted-quad notation.
options
Any IP options for this packet.
data
The encapsulated data (payload) for this IP packet.
Download (0.011MB)
Added: 2007-02-28 License: Perl Artistic License Price:
968 downloads