This document is a description of the nuff programming language. Nuff is actually a collection of embedded languages built on top of scheme designed to make it easy to create, parse, analyse, and inject network packets in an asynchronous, efficient, and secure environment. This document is to serve as the definitive reference for programming nuff.
For most of this language description I will assume the reader is a competent scheme programmer and I intend to go fast. That said, since nuff was designed to make certain difficult tasks easy, you just might find you can keep up even without a deep understanding of scheme or symbol processing.
I hope that this document might provide an example of how scheme/lisp can be used in relevant network security applications for people who may not have been exposed to lisp in the past. In my opinion it is a shame that lisp has been under-represented in the security community so far. I think lisp has a lot to offer in almost every possible problem domain - even the traditionally C-dominated world of network security.
I also hope that experienced lisp programmers will enjoy this document since it describes an interesting application and, if I may humbly say so, is an example of using lisp as it is meant to be used - designing a language that would nicely fit a class of problems, then layering an interpreter/compiler for that language on top of lisp.
Nuff's APIs are, by design, very simple. Default values can be used almost everywhere making it easy to run advanced network experiments that would otherwise be major programming undertakings. In nuff there are no byte orders, no synchronisation issues, no pain-staking manual creating/parsing packets, and no worries of buffer overflows in the usual sense.
Unless they are obviously required, nuff removes the majority of your script's privileges before it runs. This makes security flaws in your script less serious. Unlike most other languages, unless you explicitly tell it, the compiler assumes every line of code you write is untrustable. With constructs like the privileged macro, you have to go out of your way to write insecure nuff code.
Nuff is interactive. You can use nuff as a tested, contained command line tool or as a user-centred environment for directly experimenting with the network. Packets can be captured, saved, modified, and replayed all from the interactive read-eval-print-loop (REPL). Nuff makes it easy to interact simultaneously with multiple network interfaces and sockets.
I hope you find nuff useful for your applications. I have. I enjoyed designing and creating nuff and hope that comes through in the documentation and code.