Rulerproxy is an efficient, userspace application for Linux that allows one to apply Ruler filters at application level (e.g., after TCP reassembly). Rulerproxy is capable of checking the data in the streams and then drop it, rewrite it, and/or forward it (either to its original, or a new one).

Rulerproxy is based on rather efficient asynchronous I/O, and as a result we are capable of supporting thousands of connections without a problem. In addition, on common off-the-shelf hardware, we demonstrated that Rulerproxy sustains gigabit throughputs for payload scans.

Rulerproxy was developed by Vrije Universiteit as part of the EU FP6 Lobster project by Lennert Buytenhek.

If you want to play with Rulerproxy, make sure to:

  • install Ruler
  • install libivykis (a library for asynchronous I/O)
  • Read the 00README.txt for Rulerproxy
  • Install Rulerproxy Have fun! HJB
    Bos Herbert
    Last modified: Tue Sep 18 14:05:17 CEST 2007