[ANN] fire 1.0.0

[Ari Brown]

fire version 1.8.6 has been released!

* <http://fire.rubyforge.com/>

## SYNOPSIS:

Here's how to set up a Port Knocking Daemon with a key of ports 15,
99, and 1632!
When the password is accepted, it prints w007!

####
class MyPorter < Porter

def initialize(*arr)
super(*arr)
end

def rules(pkt)
return false unless pkt.to_s =~ /192.168.15.1/
true
end

def accept(pkt)
puts "w007"
end
end

MyPorter.new([15, 99, 1632])



Here's how to set up a quick firewall, which saves it as an IPTables
script:

######
Firewall :write, "/Users/ari/Desktop/firewall.sh" do
@debug = true

Filter do
chain "extra_packets"

extra_packets do
log :all
end

INPUT do
drop :all, rotocol => "tcp --syn",
:dest => "192.168.15.1"
drop :all, :not => {ort => "80"},
:ip => "192.168.0.0/16",
:dest_ip => "192.168.0.0/16",
:interface => "eth0"
send :all, :to => "extra_packets"
end
end

NAT do
chain("TEST")
TEST do
accept :all
end
end

Mangle do
end

Raw do
end
end


##########
And of course, you can manipulate IPTables within your script
(experimental, but useable)

iptables = IPTables.new
iptables.drop :all


Changes:

## 1.0.0 / 2007-09-15

* 1 major enhancement
* Birthday!

* <http://fire.rubyforge.com/>

-------------------------------------------|
Nietzsche is my copilot

 

[Konrad Meyer]

--nextPart2007577.ajauJnozSG
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Quoth Ari Brown:

fire version 1.8.6 has been released!
=20
* <http://fire.rubyforge.com/>
=20
## SYNOPSIS:
=20
Here's how to set up a Port Knocking Daemon with a key of ports 15, =20
99, and 1632!
When the password is accepted, it prints w007!
=20
####
class MyPorter < Porter
=20
def initialize(*arr)
super(*arr)
end
=20
def rules(pkt)
return false unless pkt.to_s =3D~ /192.168.15.1/
true
end
=20
def accept(pkt)
puts "w007"
end
end
=20
MyPorter.new([15, 99, 1632])
=20
=20
=20
Here's how to set up a quick firewall, which saves it as an IPTables =20
script:
=20
######
Firewall :write, "/Users/ari/Desktop/firewall.sh" do
@debug =3D true
=20
Filter do
chain "extra_packets"
=20
extra_packets do
log :all
end
=20
INPUT do
drop :all, rotocol =3D> "tcp --syn",
:dest =3D> "192.168.15.1"
drop :all, :not =3D> {ort =3D> "80"},
:ip =3D> "192.168.0.0/16",
:dest_ip =3D> "192.168.0.0/16",
:interface =3D> "eth0"
send :all, :to =3D> "extra_packets"
end
end
=20
NAT do
chain("TEST")
TEST do
accept :all
end
end
=20
Mangle do
end
=20
Raw do
end
end
=20
=20
##########
And of course, you can manipulate IPTables within your script =20
(experimental, but useable)
=20
iptables =3D IPTables.new
iptables.drop :all
=20
=20
Changes:
=20
## 1.0.0 / 2007-09-15
=20
* 1 major enhancement
* Birthday!
=20
* <http://fire.rubyforge.com/>
=20
-------------------------------------------|
Nietzsche is my copilot

Sounds very cool. I am interested in setting up a port-knocking system, so
I'll take a look .

=2D-=20
Konrad Meyer <[email protected]> http://konrad.sobertillnoon.com/

--nextPart2007577.ajauJnozSG
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQBG8ymaCHB0oCiR2cwRAnG9AKCDK6dxtFu0nqI0TMVwUxQDqwbSIACffita
LAoDr19TNiKWR+gXp2GTT/Q=
=+yyc
-----END PGP SIGNATURE-----

--nextPart2007577.ajauJnozSG--