Look at ipproto switch table... That might help you find some function
pointers that would be logical to hijack in order to do this sort of
thing.
it's in /usr/src/sys/netinet/*.c somewhere.
andrew
On Fri, 8 Dec 2000, Alwyn Goodloe wrote:
> We are about to begin a little project that has the following requiremnet.
>
> Perform IP packet filtering in the following way :
>
>
> i) look at an ip packet header. If some conditions are met let the packet pass
> otherwise reject the packet.
>
>
> ii) Look at ip packet headers of established connections and when certain
> conditions are met tear down the connection.
>
>
> Obviously this isn't the kind of thing we will be using the usual
> firewall software, at least not as I understand the software. What I
> want to know from you FreeBSD hackers is:
>
> i) if anyone has done something similar do you have any advice.
> ii) Anyone know where I should start hacking. Would it be best to try to
> hack the firewall code or the ipforwarding code....
>
> Any such advise would be helpful.
>
>
> Alwyn Goodloe
> [EMAIL PROTECTED]
>
>
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
>
*-------------.................................................
| Andrew R. Reiter
| [EMAIL PROTECTED]
| "It requires a very unusual mind
| to undertake the analysis of the obvious" -- A.N. Whitehead
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
