From owner-freebsd-ipfw@FreeBSD.ORG  Tue May 20 03:38:47 2003
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AA74F37B401
	for <freebsd-ipfw@freebsd.org>; Tue, 20 May 2003 03:38:47 -0700 (PDT)
Received: from mout1.freenet.de (mout1.freenet.de [194.97.50.132])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 20F3B43F85
	for <freebsd-ipfw@freebsd.org>; Tue, 20 May 2003 03:38:46 -0700 (PDT)
	(envelope-from ino-qc@spotteswoode.de.eu.org)
Received: from [194.97.50.138] (helo=mx0.freenet.de)
	by mout1.freenet.de with asmtp (Exim 4.20)
	id 19I4W3-0002nO-V9
	for freebsd-ipfw@freebsd.org; Tue, 20 May 2003 12:38:43 +0200
Received: from pd9501609.dip.t-dialin.net ([217.80.22.9]
	helo=spotteswoode.dnsalias.org)
	by mx0.freenet.de with asmtp (ID inode@freenet.de) (Exim 4.20 #1)
	id 19I4W1-0002GV-Ve
	for freebsd-ipfw@freebsd.org; Tue, 20 May 2003 12:38:42 +0200
Received: (qmail 2754 invoked by uid 0); 20 May 2003 10:38:41 -0000
Date: 20 May 2003 12:38:41 +0200
Message-ID: <d6idlx72.fsf@ID-23066.news.dfncis.de>
From: "clemens fischer" <ino-qc@spotteswoode.de.eu.org>
To: "dmitry surovtsev" <dsurovtsev@yahoo.com>
In-Reply-To: <20030519152605.2456.qmail@web12708.mail.yahoo.com> (dmitry
 surovtsev's message of "Mon, 19 May 2003 08:26:05 -0700 (PDT)")
References: <20030519152605.2456.qmail@web12708.mail.yahoo.com>
User-Agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: freebsd-ipfw@freebsd.org
Subject: Re: content-based firewall
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 May 2003 10:38:47 -0000

dmitry surovtsev <dsurovtsev@yahoo.com>:

>>I wrote a small application filter, for filtering 
>>application data
>>to/from SMTP servers using ipfw's divert socket 
>>(actually, I used
>>tee, so only a copy of the packet is sent to the 
>>divert socket).
>>
>>What kind of complexity do you need?
>
> Thanks for reply. I need to control all smtp, pop, and
> http traffic. Where can I get your application filter?
> Is it's source code available as well?

i am interested in this as well.  the only thing in this context i
remember are the accf_http(9) filters.  is the divert-filtering code
somewhere publicly accessable?

  clemens