
[Savannah-register-public] [task #8847] Submission of IPQ BDB filter

From: Alessandro Vesely
Subject: [Savannah-register-public] [task #8847] Submission of IPQ BDB filter
Date: Sat, 15 Nov 2008 12:10:34 +0000
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/2008102920 Firefox/3.0.4


                 Summary: Submission of IPQ BDB filter
                 Project: Savannah Administration
            Submitted by: ale2003
            Submitted on: Sat 15 Nov 2008 01:10:33 PM CET
         Should Start On: Sat 15 Nov 2008 12:00:00 AM CET
   Should be Finished on: Tue 25 Nov 2008 12:00:00 AM CET
                Category: Project Approval
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
        Percent Complete: 0%
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
                  Effort: 0.00



A new project has been registered at Savannah.
This project account will remain inactive until a site admin approves or
discards the registration.

= Registration Administration =

While this item will be useful to track the registration process, *approving
or discarding the registration must be done using the specific Group
<> page*,
accessible only to site administrators, effectively *logged as site
administrators* (superuser):

* Group Administration

= Registration Details =

* Name: *IPQ BDB filter*
* System Name:  *ipqbdb*
* Type: non-GNU software & documentation
* License: GNU General Public License v2 or later (The project license is

There are no media files, so any statement about them is true.)


==== Description: ====
IPtables is a popular firewall on GNU/Linux systems. It features the ability
to queue IP addresses to a user space daemon that can issue a verdict for
blocking the packet being examined. The IPQ BDB filter provides such a user
space program that looks up a Berkeley DB database of IPv4 addresses.

The daemon is designed to block addresses in a fuzzy fashion, inspired by the
STOCKADE daemon (see link below.) Each record features a decay and a
probability. Banning an IP either inserts a new record with the given
probability, or doubles the probability of an existing record. Probabilities
define the likelihood that a packet will be blocked. They decrease
automatically: The decay is the time in which a probability halves. It is
possible to whitelist IP addresses in order to establish their initial decay.
The decay is increased whenever the probability passes a certain boundary, so
that repeatedly banned IPs end up with a slow decay.

Banning is accomplished by a command line utility, and by a log parsing
daemon. In that respect, ipqbdb is a light version of fail2ban (see link

Programs are written in C.

Multiple DBs can be used for multiple netfilter queues.


==== Other Software Required: ====
Netfilter - GPLv2 or later
Berkeley DB - GPL and other
Popt - GNU

==== Other Comments: ====
The project is not yet finished. (I still have to code a utility to
list/delete records.)

I'm looking for an SVN server for this project. May I test svn at Savannah?

Thanks for your attention

==== Tarball URL: ====


Reply to this item at:


  Message sent via/by Savannah
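
The probability and decay bookkeeping described in the submission above, as an added example that is not ipqbdb's own code. The record layout, the function names, the 0.5 boundary and the doubling of the decay are assumptions; 2^-x is computed without libm so the file builds on its own.

```c
#include <stdio.h>

/* Constructed model: layout, names and both constants are assumptions. */
#define DECAY_BOUNDARY 0.5  /* crossing this probability slows the decay */
#define DECAY_GROWTH   2.0  /* factor applied to the decay at that point */

typedef struct {
    double probability;  /* chance a packet is blocked, valid at last_update */
    double decay;        /* seconds in which the probability halves */
    long   last_update;  /* seconds since the epoch */
} ip_record;

/* 2^-x for x >= 0: whole halvings, then a Taylor series for the fraction. */
static double half_pow(double x) {
    double r = 1.0, term = 1.0, sum = 1.0, y;
    int n;
    if (x > 1100.0) return 0.0;              /* underflows a double anyway */
    while (x >= 1.0) { r *= 0.5; x -= 1.0; }
    y = x * 0.6931471805599453;              /* fraction * ln 2 */
    for (n = 1; n <= 20; n++) { term *= -y / n; sum += term; }
    return r * sum;
}

/* Probability once the time elapsed since last_update has decayed it. */
double current_probability(const ip_record *r, long now) {
    long elapsed = now - r->last_update;
    if (elapsed <= 0 || r->decay <= 0.0) return r->probability;
    return r->probability * half_pow((double)elapsed / r->decay);
}

/* Ban: insert with the given probability, or double an existing record. */
void record_ban(ip_record *r, int found, double p0, double decay0, long now) {
    double before = found ? current_probability(r, now) : 0.0;
    double after  = found ? before * 2.0 : p0;
    if (!found) r->decay = decay0;
    if (after > 1.0) after = 1.0;
    if (before < DECAY_BOUNDARY && after >= DECAY_BOUNDARY) r->decay *= DECAY_GROWTH;
    r->probability = after;
    r->last_update = now;
}

/* Verdict: block when a uniform draw u in [0,1) is below the probability. */
int should_block(const ip_record *r, long now, double u) {
    return u < current_probability(r, now);
}

int main(void) {
    ip_record r; record_ban(&r, 0, 0.25, 3600.0, 0); record_ban(&r, 1, 0.25, 3600.0, 0);
    printf("p=%.3f decay=%.0f\n", r.probability, r.decay); return 0;
}
```

Passing the random draw in as `u` keeps the verdict deterministic for testing; a daemon would draw it per packet.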
