
@tungpun
Last active November 16, 2015 14:52
A simple wrapper of iptables....
#!/usr/bin/python2.7
"""
A wrapper of IPTables
"""
import os
try:
    from shlex import quote  # Python 3.3+
except ImportError:
    from pipes import quote  # Python 2.7, which the shebang targets
# Destination address placed after `-d` in every rule this script builds.
# NOTE(review): 0.0.0.0 looks like a placeholder to be replaced with the
# protected host's address before use -- confirm.
D_IP = '0.0.0.0'
def basic_color(code):
    """Return a function that wraps text in the ANSI escape for `code`.

    The returned callable takes the text and an optional `bold` flag
    (default True); when bold, "1;" is prepended to the colour code. The
    text is always followed by the reset sequence.
    """
    def inner(text, bold=True):
        prefix = "1;" if bold else ""
        return "\033[%s%sm%s\033[0m" % (prefix, code, text)
    return inner
# One colouring helper per ANSI foreground code 30..36, in that order.
black, red, green, yellow, blue, magenta, cyan = [
    basic_color(str(sgr)) for sgr in range(30, 37)
]
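def run(cmd):
    """Run `cmd` through the shell, wait for it, and return its exit status.

    The command line is interpreted by /bin/sh, so callers are responsible
    for quoting any value they interpolate into it. The status is the raw
    value from os.system(); 0 means success. A non-zero status is reported
    on screen instead of being discarded, so a rejected rule or a missing
    privilege does not pass unnoticed.
    """
    status = os.system(cmd)
    if status != 0:
        print(red('\tCommand failed (status %s): %s' % (status, cmd)))
    return status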
def clean():
    """Clear the terminal by invoking the `clear` command."""
    os.system("clear")
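def show_rules():
    """Print the output of `iptables -L -n` in green.

    The listing is read straight from the command's pipe. The previous
    version redirected it to `output.dat` in the current directory, which
    left a file behind and, as this tool presumably runs as root, wrote
    with those privileges to whatever that path happened to point at.
    """
    listing = os.popen('iptables -L -n')
    try:
        data = listing.read()
    finally:
        # Closing the pipe also waits for iptables to exit.
        listing.close()
    print(green(data))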
def reset():
    """Flush the firewall rules and print a confirmation.

    `iptables -F` is given no chain, so it flushes every chain of the
    filter table, not only the FORWARD rules added by this script.
    """
    run('iptables -F')
    print(cyan('\tReset... Done'))
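def drop_payload(payload, dport):
    """Insert a FORWARD rule dropping TCP packets to D_IP:dport containing `payload`.

    `payload` (an ASCII pattern for `--string`) and `dport` are strings
    typed at the prompt. Both are shell-quoted so that quotes, `$`,
    backticks or `;` in them reach iptables literally instead of being
    interpreted by the shell that run() hands the command to.
    """
    cmd = ('iptables -I FORWARD -p tcp -d ' + D_IP +
           ' --dport ' + quote(dport) +
           ' -m string --algo bm --string ' + quote(payload) + ' -j DROP')
    run(cmd)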
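def undrop_payload(payload, dport):
    """Delete the FORWARD rule that drop_payload() inserts for `payload` and `dport`.

    The rule specification mirrors the insert exactly (`-D` instead of
    `-I`). `payload` and `dport` are shell-quoted so that metacharacters
    in them are passed to iptables literally rather than interpreted by
    the shell.
    """
    cmd = ('iptables -D FORWARD -p tcp -d ' + D_IP +
           ' --dport ' + quote(dport) +
           ' -m string --algo bm --string ' + quote(payload) + ' -j DROP')
    run(cmd)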
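def drop_hexpayload(payload, dport):
    """Insert a FORWARD rule dropping TCP packets to D_IP:dport matching a hex pattern.

    `payload` is passed to `--hex-string`; the menu loop supplies it
    already wrapped in `|...|`. `payload` and `dport` are shell-quoted so
    that the `|` delimiters and any other metacharacters reach iptables
    literally.
    """
    cmd = ('iptables -I FORWARD -p tcp -d ' + D_IP +
           ' --dport ' + quote(dport) +
           ' -m string --algo bm --hex-string ' + quote(payload) + ' -j DROP')
    run(cmd)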
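def undrop_hexpayload(payload, dport):
    """Delete the FORWARD rule that drop_hexpayload() inserts for `payload` and `dport`.

    The rule specification mirrors the insert exactly (`-D` instead of
    `-I`). `payload` and `dport` are shell-quoted so that the `|`
    delimiters and any other metacharacters reach iptables literally.
    """
    cmd = ('iptables -D FORWARD -p tcp -d ' + D_IP +
           ' --dport ' + quote(dport) +
           ' -m string --algo bm --hex-string ' + quote(payload) + ' -j DROP')
    run(cmd)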
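def drop_port(dport):
    """Insert a FORWARD rule dropping all TCP traffic to D_IP on `dport`.

    `dport` is a string typed at the prompt; it is shell-quoted so that
    nothing in it can be interpreted by the shell running the command.
    """
    cmd = ('iptables -I FORWARD -p tcp -d ' + D_IP +
           ' --destination-port ' + quote(dport) + ' -j DROP')
    run(cmd)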
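def undrop_port(dport):
    """Delete the FORWARD rule that drop_port() inserts for `dport`.

    `dport` is a string typed at the prompt; it is shell-quoted so that
    nothing in it can be interpreted by the shell running the command.
    """
    cmd = ('iptables -D FORWARD -p tcp -d ' + D_IP +
           ' --destination-port ' + quote(dport) + ' -j DROP')
    run(cmd)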
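def drop_maxsize(size, dport):
    """Insert a FORWARD rule dropping TCP packets to D_IP:dport of length `size` or more.

    The rule uses `-m length --length <size>:`, an open-ended range that
    starts at `size`. `size` and `dport` are strings typed at the prompt
    and are shell-quoted before being placed on the command line.
    """
    cmd = ('iptables -I FORWARD -p tcp -d ' + D_IP +
           ' --dport ' + quote(dport) +
           ' -m length --length ' + quote(size + ':') + ' -j DROP')
    run(cmd)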
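def undrop_maxsize(size, dport):
    """Delete the FORWARD rule that drop_maxsize() inserts for `size` and `dport`.

    The rule specification mirrors the insert exactly (`-D` instead of
    `-I`). `size` and `dport` are shell-quoted before being placed on the
    command line.
    """
    cmd = ('iptables -D FORWARD -p tcp -d ' + D_IP +
           ' --dport ' + quote(dport) +
           ' -m length --length ' + quote(size + ':') + ' -j DROP')
    run(cmd)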
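def drop_payload_noport(payload):
    """Insert a FORWARD rule dropping TCP packets to D_IP, on any port, containing `payload`.

    `payload` is an ASCII pattern for `--string`; it is shell-quoted so
    that quotes, `$`, backticks or `;` in it reach iptables literally
    instead of being interpreted by the shell.
    """
    cmd = ('iptables -I FORWARD -p tcp -d ' + D_IP +
           ' -m string --algo bm --string ' + quote(payload) + ' -j DROP')
    run(cmd)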
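def undrop_payload_noport(payload):
    """Delete the FORWARD rule that drop_payload_noport() inserts for `payload`.

    The pattern is passed with `--string`, the option the insert uses.
    This function previously used `--hex-string`, so the delete did not
    name the same rule specification that had been inserted. `payload` is
    shell-quoted so that metacharacters in it reach iptables literally.
    """
    cmd = ('iptables -D FORWARD -p tcp -d ' + D_IP +
           ' -m string --algo bm --string ' + quote(payload) + ' -j DROP')
    run(cmd)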
# Menu text passed to raw_input() by the main loop: a cyan heading, the
# numbered options in blue, and a green input prompt. The option numbers
# listed here are the strings the main loop compares the answer against.
promt_message = cyan("""\n Select from the menu:""") + blue("""
[1] Drop payload (ascii)
[2] Undrop payload (ascii)
[3] Drop payload (hex)
[4] Undrop payload (hex)
[5] Drop port
[6] Undrop port
[7] Drop follow maxlength
[8] Undrop follow Maxlength
[9] Drop payload noport
[10] Undrop payload noport
[+] Reset
[0] Quit OhYeahFw\n\n""") + green(""" Parser Wrapper> """)
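if __name__ == '__main__':
    # Interactive menu loop: redraw the screen, list the current rules, read
    # one menu choice and call the matching helper. Every value read here
    # ends up on an iptables command line built by the drop_*/undrop_*
    # helpers, so it is passed on exactly as typed (only stripped).
    while True:
        clean()
        print(cyan("\n Animal.OhYeah Fw"))
        print(cyan(" Your D_IP: " + D_IP + "\n"))
        show_rules()
        cmd = raw_input(promt_message).strip()
        if cmd == '1':
            dport = raw_input(cyan(' Port> ')).strip()
            payload = raw_input(cyan(' Drop payload (eg: AAAA)> ')).strip()
            drop_payload(payload=payload, dport=dport)
            show_rules()
        elif cmd == '2':
            dport = raw_input(cyan(' Port> ')).strip()
            payload = raw_input(cyan(' Undrop payload (eg: AAAA)> ')).strip()
            undrop_payload(payload=payload, dport=dport)
            show_rules()
        elif cmd == '3':
            dport = raw_input(cyan(' Port> ')).strip()
            # --hex-string expects the hex digits between '|' delimiters.
            payload = '|' + raw_input(cyan(' Drop payload (eg: 41414141) > ')).strip() + '|'
            drop_hexpayload(payload=payload, dport=dport)
            show_rules()
        elif cmd == '4':
            dport = raw_input(cyan(' Port> ')).strip()
            payload = '|' + raw_input(cyan(' Undrop payload (eg: 41414141) > ')).strip() + '|'
            undrop_hexpayload(payload=payload, dport=dport)
            show_rules()
        elif cmd == '5':
            port = raw_input(cyan(' Drop port> ')).strip()
            drop_port(port)
            show_rules()
        elif cmd == '6':
            # Prompt fixed: this option removes the rule, it used to say "Drop port".
            port = raw_input(cyan(' Undrop port> ')).strip()
            undrop_port(port)
            show_rules()
        elif cmd == '7':
            port = raw_input(cyan(' Drop port> ')).strip()
            size = raw_input(cyan(' Max length (lenStr + 42bytes)> ')).strip()
            drop_maxsize(size=size, dport=port)
            show_rules()
        elif cmd == '8':
            port = raw_input(cyan(' Undrop port> ')).strip()
            size = raw_input(cyan(' Max length (lenStr + 42bytes)> ')).strip()
            undrop_maxsize(size=size, dport=port)
            show_rules()
        elif cmd == '9':
            # Prompt fixed: this option adds the rule, it used to say "Undrop payload".
            payload = raw_input(cyan(' Drop payload (eg: AAAA)> ')).strip()
            drop_payload_noport(payload=payload)
            show_rules()
        elif cmd == '10':
            payload = raw_input(cyan(' Undrop payload (eg: AAAA)> ')).strip()
            undrop_payload_noport(payload=payload)
            show_rules()
        elif cmd == '+':
            reset()
            show_rules()
        elif cmd == '0':
            print(cyan('\tBye!'))
            exit()
        else:
            # NOTE: the next iteration starts with clean(), so this message
            # is only on screen briefly.
            print(red('\tErr!'))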
tcpdump -lX "tcp port 4444 && tcp[13] & 8 != 0"