Software

Various stuff I have had the urge to release at some point.

Traffiq

This is a more useful tool. It uses gnuplot+iptables to draw some (pretty nice, I'd say) bandwidth usage graphs. Features:

The script gets the list of IP/port definitions and adds two new iptables chains that have a rule to detect each IP/port definition. Then, it parses the rules at a configurable rate and gets the counter values, and draws nice graphs reflecting the situation. It uses gnuplot for the graphs. You can either set gnuplot to output svg/png or forward X with SSH, if you (probably) don't have a router with X and a monitor :).
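The counter-polling step described above, as an added example (not Traffiq's own code). It assumes the counters are read with `iptables-save -c`; the chain names TRAFFIQ_IN and TRAFFIQ_OUT and the sample snapshots are made up for illustration.

```python
import re

# One rule line of `iptables-save -c`: "[packets:bytes] -A CHAIN rule-spec"
RULE_RE = re.compile(r"^\[(\d+):(\d+)\] -A (\S+) (.+)$")

def parse_counters(dump, chains):
    """Return {(chain, rule_spec): byte_count} for rules in the given chains."""
    counters = {}
    for line in dump.splitlines():
        m = RULE_RE.match(line.strip())
        if m and m.group(3) in chains:
            counters[(m.group(3), m.group(4))] = int(m.group(2))
    return counters

def rates(prev, curr, interval_s):
    """Bytes per second for each rule between two snapshots."""
    out = {}
    for key, now in curr.items():
        before = prev.get(key)
        if before is None:
            continue  # rule added between samples: no baseline yet
        # A lower value means the counters were zeroed (iptables -Z,
        # ruleset reload, reboot), so count from zero instead.
        delta = now - before if now >= before else now
        out[key] = delta / interval_s
    return out

# Hypothetical chain names and constructed snapshots taken 10 seconds apart.
CHAINS = {"TRAFFIQ_IN", "TRAFFIQ_OUT"}
SNAP_T0 = """*filter
:INPUT ACCEPT [500:40000]
:TRAFFIQ_IN - [0:0]
[9:700] -A FORWARD -j TRAFFIQ_IN
[100:150000] -A TRAFFIQ_IN -d 192.0.2.10/32
[80:12000] -A TRAFFIQ_OUT -s 192.0.2.10/32
[40:900000] -A TRAFFIQ_IN -d 192.0.2.20/32 -p tcp -m tcp --dport 80
COMMIT"""
SNAP_T1 = """*filter
[300:450000] -A TRAFFIQ_IN -d 192.0.2.10/32
[200:32000] -A TRAFFIQ_OUT -s 192.0.2.10/32
[5:5000] -A TRAFFIQ_IN -d 192.0.2.20/32 -p tcp -m tcp --dport 80
[1:60] -A TRAFFIQ_IN -d 192.0.2.30/32
COMMIT"""

if __name__ == "__main__":
    result = rates(parse_counters(SNAP_T0, CHAINS), parse_counters(SNAP_T1, CHAINS), 10)
    for (chain, spec), bps in sorted(result.items()):
        print(f"{chain:12} {spec:50} {bps:10.1f} B/s")
```

The per-rule rates are what would be handed to gnuplot as data points, one series per IP/port definition.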

download

icmp_tunnel

It's hacked together from the itunnel tool and some vtun files. It allows you to tunnel any kind of traffic over ICMP. It's basically operational, but would probably need some fine-tuning for your environment (luckily itunnel is a very straightforward and easy-to-understand piece of code). Apparently there are some bugs in it, too :)

The main usage of this tool (for me) is wireless hotspots that allow internet access as a paid service, but at times let ICMP packets through even without paying. Maybe it's so that you could see how fast the net is. Anyways, running one end of the tunnel from home you can set it up and get internet access for free. If this does not work, you could also go for a DNS tunnel.

download

ipvs match for iptables

A patch-o-matic-style bundle to add IPVS connection table matching capabilities to your kernel/iptables. I'd say it's pretty experimental (but seems to work). AFAIK this patch will not work for newer (2.6.28) kernels. I could find an updated version of this patch if there was a need (meaning, I know it's lying on a machine but won't get around to putting it up here).

download

Plaintext Credit Card number detection dynamic sig for snort

A dynamic detection plugin (requires snort 2.6+ AFAIK) for detecting unencrypted credit card numbers in network traffic. It's intended for detecting numbers leaking by mistake, rather than by someone deliberately exporting them. It does the following:

download