Finding the home country of a client using only the IP address can be
difficult. Looking up the domain name associated with that address can
provide some help, but many IP addresses are not reverse mapped to any
useful domain, and the most common domain (.com) offers no help when
looking for country.

This module comes bundled with a database of countries where various IP
addresses have been assigned. Although the country of assignment will
probably be the country associated with a large ISP rather than the
client herself, this is probably good enough for most log analysis
applications, and under test has proved to be as accurate as
reverse-DNS and WHOIS lookup.

WIDE-DHCPv6 is an open-source implementation of Dynamic Host
Configuration Protocol for IPv6 (DHCPv6), originally developed
by the KAME project.
The implementation mainly conforms to the following standards:
- RFC3315: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
- RFC3319: DHCPv6 Options for Session Initiation Protocol (SIP) Servers
- RFC3633: IPv6 Prefix Options for DHCP
- RFC3646: DNS Configuration options for DHCPv6
- RFC3898: Network Information Service (NIS) Configuration Options for DHCPv6
- RFC4075: Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6
- RFC4242: Information Refresh Time Option for DHCPv6
- RFC4280: DHCP Options for Broadcast and Multicast Control Servers
Note that the current implementation does not support temporary
IPv6 address allocation by DHCPv6, and there is no plan to
implement that feature at the moment.

fwlogwatch is a packet filter and firewall log analyzer.
General features:
- Can detect and process log entries in the following formats:
  - Linux ipchains, Linux netfilter/iptables, Solaris/BSD/Irix/HP-UX
    ipfilter, BSD ipfw, Cisco IOS, Cisco PIX / FWSM, NetScreen,
    Windows XP firewall, Elsa Lancom router, Snort IDS
- Entries can be parsed from single, multiple and combined log files,
the parsers to be used can be selected.
- Gzip-compressed logs are supported transparently.
- Can separate recent from old entries and detects timewarps in log files.
- Can recognize 'last message repeated' entries concerning the firewall.
- Integrated resolver for protocols, services and host names.
- Can do lookups in the whois database.
- Own DNS and whois information cache for faster lookups.
- Hosts, networks, ports, chains and branches (targets) can be selected or
excluded as needed.
- Support for internationalization (available in English, German,
Portuguese, simplified and traditional Chinese, Swedish and Japanese).

e2guardian is a content filtering proxy that works in conjunction with another
caching proxy such as Squid or Oops. More information can be found in the
e2guardian man page, the "doc" subdirectory and in the configuration files.
e2guardian is a fork of DansGuardian and the maintainers fully acknowledge the
work carried out by and the copyright of Daniel Baron and other contributors to
the DansGuardian project.
E2Guardian Main features:
- Built-in content scanner plugin system which includes AV scanning.
- Can be configured to have multiple filter configurations including groups
- SSL Inspection and Blanket SSL blocking
- NTLM, Digest, Basic, IP and DNS authentication
- Header analysis and manipulation (you can also manipulate cookies)
- Large file (2GB+) download & scanning support
- Blacklist, Greylist domains
- Deny regular expressions on URLs, body content, and headers
- Deep URL scanning to spot URLs in URLs
- Advanced advert blocking
- Updates to handle all current web technology trends
- Time Based Blocking

transproxy - transparently proxy HTTP requests.
This program is used with ipfw's fwd rules or Darren Reed's IPFILTER
package, and is used to intercept HTTP requests and divert them to an
HTTP proxy server (e.g. squid), without requiring user intervention or
configuration.
It accepts connections on the redirected port, connects to the real proxy
server, and transports data between the two sockets. The original HTTP
request is modified to allow the HTTP proxy server to fetch the correct
document. In most cases this doesn't cause any DNS activity.
Unlike some other transparent proxy solutions, this does not require the
HTTP proxy server to run on the machine itself.
See /usr/local/sbin/tproxyrun for an example of how to add filter rules
and start tproxy. Also see /usr/local/sbin/tproxywatch for an example of
how to ensure that tproxy keeps running regardless of faults.

jdresolve resolves IP addresses to hostnames. Any file format is
supported, including those where the line does not begin with the IP
address. One of the strongest features of the program is the support
for recursion, which can drastically reduce the number of unresolved
hosts by faking a hostname based on the network that the IP belongs
to. DNS queries are sent in parallel, which means that you can
decrease run time by increasing the number of simultaneous sockets
used (given a fast enough machine and available bandwidth). By using
the database support, performance can be increased even further, by
using cached data from previous runs.
Included is a tiny shell script called rhost to interface with
jdresolve when resolving a single IP address. Think of it as a smart
replacement for the 'host' utility that comes with bind-utils.

What is The Webalizer?
----------------------
A fast, free web server log file analysis program. Produces
HTML output for viewing with a web browser. Written in C on
a Linux platform, however designed to be as ANSI/POSIX
compliant as possible so porting to other UNIX platforms should
be painless. Binary distributions for most popular platforms
are available. Features multiple language support, incremental
processing capabilities, reverse DNS lookup support, export via
tab separated ASCII files to popular databases and spreadsheets,
and much more. Supports standard CLF and combined logs, as well
as wu-ftpd xferlog and squid proxy logs, which can be either in
standard text format or gzip compressed.
Keywords: Web Analysis, Log Analysis, Usage Statistics, Linux, Unix

This program is a very basic interface to Paul Vixie's RBL filter. The
basic idea of the filter is that when someone is blacklisted for an email
abuse, a new domain name is resolved in the form of
"a.b.c.d.rbl.maps.vix.com", where "a.b.c.d" is actually the IP address
"d.c.b.a". For example, if the IP address 127.0.0.2 were listed as a
blacklisted address, "2.0.0.127.rbl.maps.vix.com" would have a DNS entry
(this is a real example; that address is in place as a verification
mechanism).
For more information about the RBL blacklist, please take a look at
http://maps.vix.com/rbl/ . For more information about BIND, drop by
http://www.isc.org/bind.html . The official home page for rblcheck is at
http://www.xnet.com/~emarshal/rblcheck/ .
Any ideas, bugfixes, or porting notes should be sent to me at
"emarshal@logic.net". Don't bug the MAPS people about this; they didn't
write it, and probably wouldn't like getting a bunch of mail about it.

Freenet6 is an IPv6 access service offered for free to the community.
This service enables thousands of people from all over the world
to experience the best solution for a smooth and incremental
deployment of IPv6. Freenet6 users can get IPv6 connectivity from
anywhere, including from behind any NAT device or from outside of
their home network.
On Freenet6, a single, permanent IPv6 address and a DNS name are
assigned to each user, making their PC reachable from anywhere on
the IPv6 internet. A full /48 prefix may also be assigned to a
router, enabling the distribution of IPv6 connectivity to an entire
network. Freenet 6 - Get Connected For Free!
Instead of a Web interface, which is usually offered by traditional
tunnel brokers, Freenet6 uses an innovative model based on a
client/server architecture. The Gateway6 Client is software that
usually runs on a PC and that implements the Tunnel Setup Protocol
(TSP). The Gateway6 Client is used to automatically negotiate a
configured tunnel between a PC or router and the Freenet6 tunnel
broker, making IPv6 easy to install and maintain. The Gateway6
Client source code is licensed under the GPL. A commercial license
is also available.

The Python Dugong module provides an API for communicating with HTTP 1.1
servers. It is an alternative to the standard library's http.client (formerly
httplib) module. In contrast to http.client, Dugong:
* allows you to send multiple requests right after each other without having to
read the responses first.
* supports waiting for 100-continue before sending the request body.
* raises an exception instead of silently delivering partial data if the
connection is closed before all data has been received.
* raises one specific exception (ConnectionClosed) if the connection has been
closed (while http.client connection may raise any of BrokenPipeError,
BadStatusLine, ConnectionAbortedError, ConnectionResetError, IncompleteRead
or simply return '' on read).
* supports non-blocking, asynchronous operation and is compatible with the
asyncio module.
* can in most cases distinguish between an unavailable DNS server and an
unresolvable hostname.
* is not compatible with old HTTP 0.9 or 1.0 servers.
All request and response headers are represented as str, but must be encodable
in latin1. Request and response body must be bytes-like objects or binary
streams.