Download

NARC

Changes: This release implements IPLIMIT so that it works with 2.4 and 2.6 kernels, implements port forwarding to other interfaces (no longer limited to DMZ), fixes an error in the install script that omitted a mkdir, and removes the TCP port 445 (microsoft-ds) from TCP_PROBE.

Changes: Even more sanity checking was added. A new experimental install script was added. The default logging level was changed from kern.=info to kern.=debug in narc.conf. Please modify your syslog.conf to accommodate the change. The LOG_LIMIT_EXCEED option was added to log TCP connections that exceed the LIMIT_RATE in narc.conf.

Changes: Errant detection of the ipchains module has been fixed. Modules detection has been changed to include /lib for certain distributions. An AUTOGET_EXTERNAL_IP option has been added for narc-forward.conf. More typos have been fixed.

Changes: rp_filter (ingress filtering) and ENABLE_IPLIMIT have been fixed. This is the first NARC release to be compatible with the previous (0.6) narc.conf file.

Changes: The NARC executable path is now configurable (used by /etc/init.d/iptables). NARC was rewritten to make adding future options easier. Support for general rate limiting was added. Support for IP/network based connection limit (TCP only) was added. More logging options were added (ICMP, packet length, iplimit). General code cleanup and optimizations were made.