Article 26214 of alt.security: Path: nntpd.lkg.dec.com!pa.dec.com!decwrl!spool.mu.edu!howland.reston.ans.net!cs.utexas.edu!bcm!news.tamu.edu!news.tamu.edu!dhess From: dhess@net.tamu.edu (Dave Hess) Newsgroups: comp.security.misc,comp.security.unix,alt.security,comp.protocols.tcp-ip Subject: ANNOUNCEMENT: Drawbridge 2.0 Followup-To: comp.security.misc Date: 17 Jul 1995 15:49:13 GMT Organization: Texas A&M University, CIS Network Group Lines: 142 Message-ID: NNTP-Posting-Host: net.tamu.edu Xref: nntpd.lkg.dec.com comp.security.misc:19267 comp.security.unix:17757 alt.security:26214 comp.protocols.tcp-ip:42952 -----BEGIN PGP SIGNED MESSAGE----- Drawbridge 2.0 is a signficant improvement over 1.1 in the areas of management and usability while the filtering remains backwards compatible with 1.1. See the file CHANGES in the doc directory for a full listing of the new features. Here is the README file from the package. - ----------------------------------8<--------------------------------- Drawbridge 2.0 INTRODUCTION: Drawbridge is a copyrighted but freely distributable bridging IP filter with a powerful syntax and good performance. It uses a PC with either two Ethernet cards or two FDDI cards to perform the filtering. It is composed of three different tools: Filter, Filter Compiler and Filter Manager. This distribution is version 2.0 which is a major overhaul of Filter. To get a better idea of how Drawbridge works and how it is used, begin with the paper tamu.ps in the doc directory. It describes the entire suite of TAMU security tools. (Note that this paper is in the process of being updated, though the portions concerning Drawbridge are up to date.) AVAILABILITY: Drawbridge is available via anonymous ftp from net.tamu.edu in pub/security/TAMU as: drawbridge-2.0.tar.gz The package should untar into 4 directories: doc - directory with documentation about Drawbridge (including three papers referenced in the documentation) fm - directory with source code for the Filter Manager plus a binary for Solaris 2.3 on Sparc. fc - directory with source code for the Filter Compiler plus a binary for Solaris 2.3 on Sparc. filter - directory with three PKZIP archives and PKUNZIP.EXE ndis.zip - PKZIP archive containing version 2.1 of the NDIS 2.01 utilities. filter.zip - PKZIP archive with source code and executable for the Filter. config.zip - PKZIP archive with example config.sys, protocol.ini, autoexec.bat and the latest SMC driver for the Ethernet cards required by earlier versions of Drawbridge. And 2 files: README - this file COPYING - copyright notice. REQUIREMENTS: The requirements are less stringent in Drawbridge version 2.0. Filter is compiled for and requires an 80386 or higher processor (it is documented in the makefile how to compile specifically for a higher processor). Any Ethernet or FDDI boards for any bus may be used as long as they have DOS NDIS 2.01 drivers. NOTE! These drivers *must* support promiscuous mode, *must* allow you to configure the driver to support two cards in one PC, and *must* provide access to the native media frame format. Be careful to confirm this before you settle on any adapters. Some drivers do not support these features. It is recommended that you use a PC with a hard disk, however, you can build a setup that uses a floppy. The reason for recommending a hard disk is that when Filter performs a write and writes all of its tables to disk, *all packet forwarding stops* for the duration of the write. This may take a substantial amount of time on a floppy depending on the configuration loaded into Filter. BUILDING: The Filter Compiler and Filter Manager both require an ANSI C compiler; the GNU C Compiler (gcc) is recommended. The Filter has been compiled with Borland C++ 4.02 and Borland Turbo Assembler 4.0 but will compile with Borland C++ 3.0. An executable version of Filter is provided in case you do not have access to these tools. To build Filter Compiler (fc) and Filter Manager (fm), just go into the respective directories and type "make " where is solaris, aix, etc. (see the makefile comments for currently supported platforms). If you type just "make" the makefiles will attempt to build for Solaris 2.X by default. To install fc and fm, edit the makefiles to set the destination directory, become root and type "make install". To build Filter, unarchive the PKZIP archive, go to the source directory and type "make". (If you don't have Borland C++ you can just use the supplied executable.) CONTACTS: Any suggestions or comments should be sent to: drawbridge@net.tamu.edu Any and all feedback on this package is welcome. Also, ports of the Filter Compiler and Filter Manager to other platforms would be appreciated. Drawbridge is designed and programmed by: David K. Hess Douglas Lee Schales David R. Safford Texas A&M University July 12, 1995 - ----------------------------------8<--------------------------------- Dave - -- David K. Hess Network Analyst David-Hess@tamu.edu Computing and Information Services - Network Group (409) 845-0372 (work) Texas A&M University -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBMAqCXV8zBHQFOLoJAQGpdgP9HDY8sD18Ul5SCMsaYVd31CbRDjSBp6Fk wrv0AyZyD487PWq23ZMfv6BBk16zYMK/C1J2jRQWZqAmW2AF1w1s/ZvsQ6WPVEdE QoEclqtSe3s32kdAf65FSc4OGdMjud2Kle1JrcO63KKWDHkddCGMKa4XpI6LOnsm JEJEG8IOTHY= =lwic -----END PGP SIGNATURE----- -- David K. Hess Network Analyst David-Hess@tamu.edu Computing and Information Services - Network Group (409) 845-0372 (work) Texas A&M University