Date: Thu, 1 Dec 2005 03:11:42 -0600
From: "Travis H." <solinym@gmail.com>
To: Thiago Damas <tdamas@gmail.com>, alexandre.delay@free.fr
Cc: freebsd-pf@freebsd.org
Subject: Re: Protocol filter capabilities
Message-ID: <d4f1333a0512010111l53eb64aaqeb10cb5ac8590824@mail.gmail.com>
In-Reply-To: <f8e3d83f0511240547k585dd99fh@mail.gmail.com>
References: <MAEBLPAGHGPMOKCBICBNMENPCIAA.alexandre.delay@free.fr> <f8e3d83f0511240546ud5b4a1m@mail.gmail.com> <f8e3d83f0511240547k585dd99fh@mail.gmail.com>

On 11/24/05, Thiago Damas <tdamas@gmail.com> wrote:
> I have a program that implements this, via divert socket with ipfw.
> I think the better way to do this is with a program that listens
> with bpf/pcap, and inserts/deletes rules using ioctls in /dev/pf

I am doing something similar to this. Actually I've decoupled the two
functions; I have the dynamic firewall daemon which re-writes firewall
rules and exports a sort of command line, and then I am working on a
pcap-based listener which will invoke rules on that command line.

dfd_keeper works with pf, and I'm looking for someone to take over the
iptables version (dfd_tbk).

See my homepage for the dynamic firewall daemon.

Please send me any requests about exactly what protocols you'd like to
take action in response to, and I'll do my best to include that
capability in my pcap-based listener. And, as always, I am very open
to any suggestions.

I had a root disk failure recently, but if I recover from that
quickly, I may have working code by Sunday.
--
http://www.lightconsulting.com/~travis/ -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B