From owner-freebsd-hackers Thu Dec 7 21: 3:19 2000 From owner-freebsd-hackers@FreeBSD.ORG Thu Dec 7 21:03:17 2000 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from gradient.cis.upenn.edu (GRADIENT.CIS.UPENN.EDU [158.130.67.48]) by hub.freebsd.org (Postfix) with ESMTP id 799ED37B400 for ; Thu, 7 Dec 2000 21:03:13 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by gradient.cis.upenn.edu (8.10.1/8.10.1) with ESMTP id eB853Ct29644 for ; Fri, 8 Dec 2000 00:03:12 -0500 (EST) Date: Fri, 8 Dec 2000 00:03:12 -0500 (EST) From: Alwyn Goodloe To: freebsd-hackers@FreeBSD.org Subject: Packet Header Filtering Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG We are about to begin a little project that has the following requiremnet. Perform IP packet filtering in the following way : i) look at an ip packet header. If some conditions are met let the packet pass otherwise reject the packet. ii) Look at ip packet headers of established connections and when certain conditions are met tear down the connection. Obviously this isn't the kind of thing we will be using the usual firewall software, at least not as I understand the software. What I want to know from you FreeBSD hackers is: i) if anyone has done something similar do you have any advice. ii) Anyone know where I should start hacking. Would it be best to try to hack the firewall code or the ipforwarding code.... Any such advise would be helpful. Alwyn Goodloe agoodloe@gradient.cis.upenn.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message