You can push a BPF (LPF) filter expression onto a LISTEN socket that checks
every incoming packet using SO_ATTACH_FILTER.
The only way to do it fully in an application is probably to set up netfilter
NAT to forward the connection to some local process; or alternative push
the packets using a netfilter queue target to a user process and forward/
disable firewall rules dynamically.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/