bruco_pipe is simple intrusion prevention pipe filter.

  $ wget http://re2.googlecode.com/files/re2-20130622.tgz
  $ tar xvfz re2-20130622.tgz
  $ cd re2
  $ make
  $ make install

for Linux, FreeBSD

$ git clone https://github.com/yoggy/bruco_pipe.git
$ cd bruco_pipe
$ make

for Mac OS X

$ git clone https://github.com/yoggy/bruco_pipe.git
$ cd bruco_pipe
$ make CPPFLAGS=-DMAC_OS_X

see the "make test" for more information...

usage : ./bruco_pipe config_file command [arg1] [arg2]...

  examples
    $ ./bruco_pipe sample_config.txt /path/to/program

$ ./bruco_pipe sample_config.txt /bin/date
2013-08-03T19:59:12+0900 [D] dump_stream : [out_bound] Sat Aug  3 19:59:12 JST 2013\x0a  <- stderr

$ ./bruco_pipe sample_config.txt ./test_server
2013-08-03T18:56:57+0900 [D] dump_stream : [out_bound] test0\x0a   <- stderr
test0                                                              <- stdout
2013-08-03T18:56:58+0900 [D] dump_stream : [out_bound] test1\x0a
test1
2013-08-03T18:56:59+0900 [D] dump_stream : [out_bound] test2\x0a
test2
2013-08-03T18:57:00+0900 [D] dump_stream : [out_bound] test3\x0a
test3
2013-08-03T18:57:01+0900 [D] dump_stream : [out_bound] test4\x0a
test4
2013-08-03T18:57:02+0900 [D] dump_stream : [out_bound] bbbb\x0a
2013-08-03T18:57:02+0900 [W] break_session : type=outbound_deny_re, outbound_re=\x62\x62\x62\x62  <- pipe disconnect

# log level (0:debug, 1:info, 2:warn)
output_log_level = 0

# max output string length
output_string_length = 1024

# udp log output
udp_log_output_enable = false
udp_log_output_host   = 127.0.0.1
udp_log_output_port   = 12345

# dump stream (true / false)
dump_stream = true

# nice() setting
nice = 5

# regular expression (deny)
inbound_deny  = \x62\x62\x62\x62
outbound_deny = \x62\x62\x62\x62

# regular expression (pass)
#inbound_pass  = \x62\x62\x62\x62
#outbound_pass = \x62\x62\x62\x62

# default policy (true / false)
inbound_default_pass  = true
outbound_default_pass = true