Look at IPF/IPFW they both have state table stuff in them, and analyzing
the ip header is done by both as well. I would suggest you hack ipf to do
what you want if it doesnt do it already.
Cheers
Andrew
On Fri, 8 Dec 2000, Alwyn Goodloe wrote:
> We are about to begin a little project that has the following requiremnet.
>
> Perform IP packet filtering in the following way :
>
>
> i) look at an ip packet header. If some conditions are met let the packet pass
> otherwise reject the packet.
>
>
> ii) Look at ip packet headers of established connections and when certain
> conditions are met tear down the connection.
>
>
> Obviously this isn't the kind of thing we will be using the usual
> firewall software, at least not as I understand the software. What I
> want to know from you FreeBSD hackers is:
>
> i) if anyone has done something similar do you have any advice.
> ii) Anyone know where I should start hacking. Would it be best to try to
> hack the firewall code or the ipforwarding code....
>
> Any such advise would be helpful.
>
>
> Alwyn Goodloe
> [EMAIL PROTECTED]
>
>
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
