comp.lang.ruby

Konrad Meyer

9/21/2007 2:17:00 AM

Quoth Ari Brown:
> fire version 1.8.6 has been released!
>
> * <http://fire.rubyforg...
>
> ## SYNOPSIS:
>
> Here's how to set up a Port Knocking Daemon with a key of ports 15,
> 99, and 1632!
> When the password is accepted, it prints w007!
>
> ####
> class MyPorter < Porter
>
> def initialize(*arr)
> super(*arr)
> end
>
> def rules(pkt)
> return false unless pkt.to_s =~ /192.168.15.1/
> true
> end
>
> def accept(pkt)
> puts "w007"
> end
> end
>
> MyPorter.new([15, 99, 1632])
>
>
>
> Here's how to set up a quick firewall, which saves it as an IPTables
> script:
>
> ######
> Firewall :write, "/Users/ari/Desktop/firewall.sh" do
> @debug = true
>
> Filter do
> chain "extra_packets"
>
> extra_packets do
> log :all
> end
>
> INPUT do
> drop :all, :protocol => "tcp --syn",
> :dest => "192.168.15.1"
> drop :all, :not => {:port => "80"},
> :ip => "192.168.0.0/16",
> :dest_ip => "192.168.0.0/16",
> :interface => "eth0"
> send :all, :to => "extra_packets"
> end
> end
>
> NAT do
> chain("TEST")
> TEST do
> accept :all
> end
> end
>
> Mangle do
> end
>
> Raw do
> end
> end
>
>
> ##########
> And of course, you can manipulate IPTables within your script
> (experimental, but useable)
>
> iptables = IPTables.new
> iptables.drop :all
>
>
> Changes:
>
> ## 1.0.0 / 2007-09-15
>
> * 1 major enhancement
> * Birthday!
>
> * <http://fire.rubyforg...
>
> -------------------------------------------|
> Nietzsche is my copilot

Sounds very cool. I am interested in setting up a port-knocking system, so
I'll take a look :D.

--
Konrad Meyer <konrad@tylerc.org> http://konrad.sobertil...