A new version of my "Firewall Foundation Classes"
package is available for downloading.
FFC is a C++ library intended to aid in the
construction of safe internet clients, servers,
and firewalls. A demo application ("VOOM") is
included that is intended to become a safe
web and multiprotocol proxy server. All the code
is under a BSD-style license.
The code is at:
http://www.brd.ie/download/index.html
Some of the goodies:
- cross platform (Windows '95, Windows NT,
Linux, FreeBSD).
- real time management via HTTP (embryonic)
- generic relay with transparency support
under Linux
- integrated netacl. (v. simple)
- configuration language is TCL script
- user-defined permission callbacks can be
written in TCL (without weakening the
system).
- encryption support (using Peter Gutmanns's
cryptlib) is planned.
Some of the baddies:
- This is still alpha quality stuff so I don't
recommend using it in live, high risk situations,
Some important features (such as comprehensive
logging) are still missing, and the code has
not been reviewed for security yet. (It has been
_designed_ for security, though, which does help
a little). Anyway, having said that it's been in
use here for quite a while to proxy NNTP, LDAP
and POP (not for security though - this is just
a userland NAT service really).
I welcome comments and I appreciate anyone taking
the time to download and test this.
Cheers,
Frank O'Dwyer.
|
|
