Date:      Wed, 15 Jan 1997 22:46:15 -0500
From:      "Louis A. Mamakos" <louie@TransSys.COM>
To:        Poul-Henning Kamp <phk@critter.dk.tfs.com>
Cc:        Joe Greco <jgreco@solaria.sol.net>, ejs@bfd.com (Eric J. Schwertfeger), nate@mt.sri.com, current@freebsd.org
Subject:   Re: ipfw cannot do this... 
Message-ID:  <199701160346.WAA11638@whizzo.transsys.com>
In-Reply-To: Your message of "Wed, 15 Jan 1997 21:36:56 +0100." <28389.853360616@critter.dk.tfs.com>
References:  <28389.853360616@critter.dk.tfs.com> 



> This is the point where a firewall module using the bpf engine becomes
> interesting, and the task more or less changes to one of compiler-
> writing...

I've done this in a user-mode SLIP implementation on another processor,
and it's quite handy and too difficult to do.  It turns out that the
"compiler" already exists - you can fairly easily extract the one in
tcpdump(1) and bend it to your will.

Once you've done this in a general-purpose way, you could put it
into a dial-on-demand PPP implementation and have very fine-grained control
over what sort of packets are allowed to bring an on-demand PPP link
up, and what sort of packets will serve to keep the link from timing
out due to inactivity.

louie
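
An added illustration of the idea above (not part of the original message, and not code from tcpdump or any PPP implementation): a small interpreter for three classic BPF opcodes, with two hand-assembled filters that decide which outbound packets may dial the link and which reset its idle timer. The filter contents, struct link, link_output, PKT and the 60-second timeout are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Classic BPF instruction layout and three of its opcodes (bpf(4) encoding). */
struct insn { uint16_t code; uint8_t jt, jf; uint32_t k; };
enum { LD_B_ABS = 0x30, JEQ_K = 0x15, RET_K = 0x06 };
enum { ICMP = 1, TCP = 6, UDP = 17 };            /* IPv4 protocol numbers */
/* Subset interpreter: anything it cannot execute rejects the packet (returns 0). */
static uint32_t bpf_run(const struct insn *f, size_t n, const uint8_t *p, size_t len)
{
    uint32_t a = 0;                              /* accumulator */
    for (size_t i = 0; i < n; i++) {             /* jumps only go forward */
        if (f[i].code == RET_K) return f[i].k;
        else if (f[i].code == JEQ_K) i += (a == f[i].k) ? f[i].jt : f[i].jf;
        else if (f[i].code == LD_B_ABS && f[i].k < len) a = p[f[i].k];
        else return 0;                           /* bad load or unknown opcode */
    }
    return 0;                                    /* fell off the end */
}

/* Hand-assembled filters over a raw IPv4 packet (protocol byte at offset 9). */
static const struct insn dial_filter[] = {       /* only TCP may bring the link up */
    { LD_B_ABS, 0, 0, 9 }, { JEQ_K, 0, 1, TCP }, { RET_K, 0, 0, 65535 }, { RET_K, 0, 0, 0 } };
static const struct insn active_filter[] = {     /* TCP or UDP resets the idle timer */
    { LD_B_ABS, 0, 0, 9 }, { JEQ_K, 2, 0, TCP }, { JEQ_K, 1, 0, UDP },
    { RET_K, 0, 0, 0 }, { RET_K, 0, 0, 65535 } };
#define NINSN(f) (sizeof(f) / sizeof((f)[0]))

struct link { int up; unsigned last_active; };   /* hypothetical link state */
enum { IDLE_TIMEOUT = 60 };                      /* seconds; constructed value */
static int link_output(struct link *l, unsigned now, const uint8_t *p, size_t len)
{
    if (l->up && now - l->last_active >= IDLE_TIMEOUT) l->up = 0;  /* idle: hang up */
    if (!l->up && !bpf_run(dial_filter, NINSN(dial_filter), p, len))
        return 0;                                /* dropped: not allowed to dial */
    if (!l->up || bpf_run(active_filter, NINSN(active_filter), p, len))
        l->last_active = now;                    /* dialing or real activity */
    l->up = 1;
    return 1;                                    /* packet is sent */
}

#define PKT(proto) ((const uint8_t[20]){ 0x45, [9] = (proto) })  /* constructed header */
int main(void)
{
    struct link l = { 0, 0 };
    int icmp = link_output(&l, 0, PKT(ICMP), 20), tcp = link_output(&l, 1, PKT(TCP), 20);
    printf("icmp sent: %d, tcp sent: %d, link up: %d\n", icmp, tcp, l.up);
    return 0;
}
```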




