The Official Unofficial Zorp project
Project News: Zorp unofficial
  • zorp 2.0.9-6 has been released
  • iptables-utils zorp-unoff version has been released
  • New whitepaper, even more FAQs
  • Zorp whitepapers released, new FAQs
  • New tproxy versions
  • New Zorp version: get the DN
  • The best bughunter
  • Bughunting contest extended
  • Valentine day bughunting contest!
  • Site updates: FAQ, design
Project File Releases: Zorp unofficial
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:49:58 GMT)
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:40:56 GMT)
  • iptables-utils 1.21-1 released (Mon, 01 Nov 2004 21:19:42 GMT)
  • zorp 2.0.9-1 released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorplibll released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorp zorp_2.0.8-1 released (Thu, 11 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-2 released (Wed, 03 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-1 released (Tue, 11 Nov 2003 00:00:00 GMT)
  • zorplibll zorplibll_2.0.26.23-1 released (Mon, 10 Nov 2003 00:00:00 GMT)

    3. This project and the official Zorp

    For those who are unfamiliar with either Zorp, or the relationship between Balabit (the developers of Zorp) and this project:

    3.1 About Zorp

    This is what Balabit states about Zorp:

    Zorp is a new generation firewall. It is essentially a transparent proxy firewall, with strict protocol analyzing proxies, a modular architecture, and fine-grained control over the mediated traffic. Configuration decisions are scriptable with the Python-based configuration language.

    Zorp has been successfully deployed in demanding environments like the protection of high traffic web sites, or the protection of large intranets. Since the protocol analysis is strict, and many of the common exploits violate the application protocol they are injected into, a large percentage of the attacks do not cross a Zorp-based firewall even if the given service is permitted.

    In a lab environment we could fully saturate a 100MBit ethernet link, and use up to about 600MBit of the bandwidth of a 1000MBit ethernet link. In real life situations we saturated a 10MBit internet link with 500 parallel sessions.

    Zorp-gpl can be found at

    Zorp is written in C, and the decision layer is in Python.

    Its dependencies include glib and python-extclass.

    Zorp runs on Linux, and should be easily portable to any unixen with a decent packet filter.

    Zorp is based on concepts not easily understandable even for the average security professional.

    3.2 Relationship of this project to Zorp

    This project is an attempt to change from the cathedral development style to the bazaar, and have better communication with the community.

    The primary developer of Zorp-gpl is BalaBit Inc. I have their consent to start a SourceForge project, both because there are areas they do not want to see in their code yet for support reasons, but expect to be very interesting in the long run (e.g. MAC decision layer), and because they are trying to find ways to improve their relationship with the community.
