Re: Selectively refusing TCP connections

Andi Kleen (ak@suse.de)
Thu, 24 May 2001 21:49:06 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dan Hollis: "Re: Dual Athlon on 2.2.19 ?"
Previous message: Erik Mouw: "Re: Dying disk and filesystem choice."

On Thu, May 24, 2001 at 12:15:44PM -0700, David Ford wrote:
> Is there an example somewhere of this?

I don't have one handy, but basically you have to hack libpcap a bit
to push the generated filters using SO_ATTACH_FILTER onto a socket.

The format (LPF) understood by the kernel is a superset of the BPF
stack machine code generated by libpcap. See linux/filter.h and the BPF
documentation.

It's main drawback is that it doesn't support variable length headers
properly.

-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Hollis: "Re: Dual Athlon on 2.2.19 ?"
Previous message: Erik Mouw: "Re: Dying disk and filesystem choice."