thanks,
Hari.
-----Original Message-----
From: Chris Friesen [mailto:cfriesen@nortelnetworks.com]
Sent: Monday, March 18, 2002 2:17 PM
To: prade@cs.sunysb.edu
Cc: linux-kernel@vger.kernel.org
Subject: Re: Trapping all Incoming Network Packets
prade@cs.sunysb.edu wrote:
> I want to sniff the packets, and make a
> decision based on certain characteristics of each packet. So I need to
> have a filter between the IP and link-layer. Also, I do not want the
> filter to slow down traffic. Hence I believe implementing inside kernel
> will be more efficient.
Write a netfilter module and bind it in to NF_IP_PRE_ROUTING or NF_IP_LOCAL_IN
as appropriate. This will allow you to analyze the packet and decide whether to
keep or discard it (or mangle it if you want).
This is what netfilter is there for.
Chris
-- Chris Friesen | MailStop: 043/33/F10 Nortel Networks | work: (613) 765-0557 3500 Carling Avenue | fax: (613) 765-2986 Nepean, ON K2H 8E9 Canada | email: cfriesen@nortelnetworks.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/