IPtables ROPE
ROPE is an open-ended iptables match module that allows rules to be written using a simple but powerful scripting language. It is designed for controlling complex high-level protocols that cannot be blocked using traditional criteria based on port numbers (etc.). Criteria can include tests on any field of the IP, UDP, or TCP headers as well as the packet data payload.
| Tags | Networking Firewalls Operating Systems Operating System Kernels Linux |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX Linux |
| Implementation | C Perl |
Recent releases
- 27 Jul 2005 10:04
Changes: This release adds a pre-built binary version for use with IPCop 1.4.6.
- 24 May 2005 11:34
Changes: The rddump utility handles tcpdump 3.8 format output. bittorrent.rope now identifies (blocks) .torrent file downloads.
- 01 May 2005 13:18
Changes: A minor fix to the bittorrent.rope script (for identifying the bittorrent protocol). Compiled script files are now ownership and mode checked before being loaded into the kernel.
- 18 Apr 2005 11:33
Changes: IP and MAC address handling has been extended to allow a.b.c.d.e.f and aa:bb:cc:dd syntaxes to be used to specify strings up to 255 characters in length.
- 03 Apr 2005 13:08
Changes: Handling of "!" for the "--rope-script" option of iptables to invert the return of a rope script. --rope-push-int, --rope-push-str, and --rope-push-ip options allow values to be pre-pushed onto the stack as command line arguments. UserLand debug mode includes a stack-depth print out. Rationalisation of *.h header files.
