From owner-freebsd-hackers  Fri Dec  8  4:11:31 2000
From owner-freebsd-hackers@FreeBSD.ORG  Fri Dec  8 04:11:28 2000
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from security.za.net (security.za.net [196.2.146.22])
	by hub.freebsd.org (Postfix) with ESMTP id DF6A237B400
	for <freebsd-hackers@FreeBSD.org>; Fri,  8 Dec 2000 04:11:23 -0800 (PST)
Received: from localhost (lists@localhost)
	by security.za.net (8.9.3/8.9.3) with ESMTP id OAA89790;
	Fri, 8 Dec 2000 14:10:54 +0200 (SAST)
	(envelope-from lists@security.za.net)
Date: Fri, 8 Dec 2000 14:10:54 +0200 (SAST)
From: Lists Account <lists@security.za.net>
To: Alwyn Goodloe <agoodloe@gradient.cis.upenn.edu>
Cc: freebsd-hackers@FreeBSD.org
Subject: Re: Packet Header Filtering
In-Reply-To: <Pine.SOL.4.21.0012080002140.29544-100000@gradient.cis.upenn.edu>
Message-ID: <Pine.BSF.4.21.0012081410050.89544-100000@security.za.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Look at IPF/IPFW they both have state table stuff in them, and analyzing
the ip header is done by both as well.  I would suggest you hack ipf to do
what you want if it doesnt do it already.

Cheers

Andrew

On Fri, 8 Dec 2000, Alwyn Goodloe wrote:

>    We are about to begin a little project that has the following requiremnet.
> 
>    Perform IP packet filtering  in the following way :
> 
> 
> i) look at an ip packet header. If some conditions are met let the packet pass
>    otherwise reject the packet.
> 
> 
> ii) Look at ip packet headers of established connections and when certain
>     conditions are met tear down the connection. 
> 
> 
>   Obviously this isn't the kind of thing we will be using the usual
> firewall software,  at least not  as I understand the software.  What I 
> want to know from you FreeBSD hackers is:
> 
>  i) if anyone has done something similar do you have any advice.
> ii) Anyone know where I should start hacking. Would it be best to try to
>     hack the firewall code or the ipforwarding code.... 
> 
> Any such advise would be helpful.
> 
> 
> Alwyn Goodloe
> agoodloe@gradient.cis.upenn.edu
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message