Brett A. Goulder
The rantings of a college student on Software, IT and UNIX
Project name: Blackhole
Version: 2.0 (Development: GIT)
Developer/maintainer: Brett Goulder

Requirements: Bash and iptables.

About: Blackhole is a clean framework for developing small modules of iptables rules. It allows for rapid development of a sane firewall infrastructure and simplifies some of the complexity of iptables tasks. It's totally user-extensible: make a module, load it up, and you're good to go.

Use the git version if you are seriously going to develop any modules around Blackhole; 2.0 is old. Due to lack of time (and interest) I haven't properly documented some of the changes since 2.0, so you'll have to read the code. But it's rather simple and easy to understand, so it shouldn't be a problem.

Features:
- Clean design and development model
- Modular code and clean layout
- Pre-made modules for port control, flood limiting, TCP state flag inspection, etc.
- Flexible configuration system
- Optional dropped packet logging


Download Stable: Local (Slow)
Git (Development version): git clone git://www.dcaf-security.org/git/blackhole.git