Choicenet (TM) filters compiler, version 1.33

What is it?

bld-filters is a supplementary tool for Lucent ChoiceNet (TM) software. Its main objective is to ease filters build and maintenance by dividing a filter into task specific modules referenced from a main filter.

For example:

the main filter looks like this:

># include basic security checks
>include security
>
># permit everything
>permit

while security module includes attack specific modules:

># include check againsft backorifice attack
>include backorifice
>
># include checks against nuke attack
>include nuke

attack specific modules do the real job, backorifice:

># deny inbound BO polls and log other BO activity
>permit 0.0.0.0/0 0.0.0.0/0 udp src eq 31337 log
>deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 31337 log

bld-filters tools compiles main filter along with all the included modules and lists into a production filter e.g. to be used by ChoiceNet software.

Another feature of this tool is that it can compile ChoiceNet lists into production filter that is, if instructed, it can put IP numbers/ domain names listed in ChoiceNet lists into production filter. Although at the first glance this may look odd (given the ChoiceNet software is aimed to perform on-host lookups of specific IP number at its resident lists thus reducing the size of the filter) we found ChoiceNet lookups are somewhat slow so in some cases it seems reasonable to hardcode targets into filter rather than look them up with ChoiceNet. So, bld-filters may do the job.

Documentation

See the man page and sources. ;)

Installation

This program is distributed in source form only. In order to compile it, you must select your OS platform in Makefile and type "make". For the list of supported platforms, please, see file PLATFORMS.

Upon a successful compilation you would need to tape "make install".

The Latest Version

Available from http://www.glas.net/~ilya/download/tools/bld-filters/

Licensing

Copyright (C) 1999 by Ilya Etingof.

Redistribution and use of this software in source and compiled forms, with or without modification, are permitted provided that above copyright notice is preserved.

The whole package is provided "as is" without expressed or implied warranty.

Comments to ilya@glas.net.