Protocol filter capabilities
Travis H.
solinym at gmail.com
Thu Dec 1 09:11:44 GMT 2005
On 11/24/05, Thiago Damas <tdamas at gmail.com> wrote:
> I have a program that implements this, via divert socket with ipfw.
> I think the better way to do this is with a program that listens
> with bpf/pcap, and inserts/deletes rules using ioctls in /dev/pf

I am doing something similar to this.

Actually I've decoupled the two functions; I have the dynamic firewall
daemon which re-writes firewall rules and exports a sort of command
line, and then I am working on a pcap-based listener which will invoke
rules on that command line. dfd_keeper works with pf, and I'm looking
for someone to take over the iptables version (dfd_tbk).

See my homepage for the dynamic firewall daemon.

Please send me any requests about exactly what protocols you'd like to
take action in response to, and I'll do my best to include that
capability in my pcap-based listener. And, as always, I am very open
to any suggestions.

I had a root disk failure recently, but if I recover from that
quickly, I may have working code by Sunday.
--
http://www.lightconsulting.com/~travis/ -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
More information about the freebsd-pf mailing list