[fw-wiz] IPTables QUEUE target equivalency in other firewalls

From: Rod Marten (rod.marten@domail.maricopa.edu)
Date: 02/26/03

Next message: H. Morrow Long: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"

Previous message: Small, Jim: "[fw-wiz] TCP/IP filtering concepts presentation"
Next in thread: H. Morrow Long: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Reply: H. Morrow Long: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Reply: Barney Wolff: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Reply: John Dorsey: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Rod Marten <rod.marten@domail.maricopa.edu>
To: firewall-wizards@honor.icsalabs.com
Date: 26 Feb 2003 13:01:01 -0700

Netfilter/IPTables supports a target of QUEUE which delivers packets to
a userspace interface where they can be modified,inspected etc. For
example, the QUEUE target is used by Snort-inline to inspect and
allow/drop packets in realtime.

Do any other firewalls have a similar function? I am particularly
interested in ipFilter, ipfw, packetfilter, or PIX (I know PIX is highly
unlikely since it is more of a dedicated appliance).

Thanks for the information.

Rod Marten

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: H. Morrow Long: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Previous message: Small, Jim: "[fw-wiz] TCP/IP filtering concepts presentation"
Next in thread: H. Morrow Long: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Reply: H. Morrow Long: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Reply: Barney Wolff: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Reply: John Dorsey: "Re: [fw-wiz] IPTables QUEUE target equivalency in other firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: [fw-wiz] Odd PIX / router behavior
... When you saw the original spoofed traffic, what kind of packets were ... My first thought was a misconfigured internal host too, ... 10.0.0.1 is the inside interface of the PIX. ...
(Firewall-Wizards)
Re: PIX 506E as a router
... to use it as a simple router? ... as you *need* the responses coming from the WAN unless ... incoming packets that are responses to outgoing packets (a ... PIX 506E do -fairly- well in such configurations, ...
(comp.dcom.sys.cisco)
Re: Pix as router?
... I don't need GRE or any dynamic routing. ... does not really understand the Pix but does understand ... No NAT no nothing - just a basic IP router. ... and build new outgoing packets. ...
(comp.dcom.sys.cisco)
RE: [fw-wiz] Cisco Concentrator - pix515 Lan-to-Lan
... route that points 10.50.0.0/24 to the inside interface of the concentrator. ... VPN 3000's log? ... on one side and pix 515 on the other. ... I can see echo and eho-replay packets on my pix (debug icmp ...
(Firewall-Wizards)
Re: PIX 506E as a router
... outgoing ports I have defined. ... to use it as a simple router? ... You cannot configure the PIX as described, ... incoming packets that are responses to outgoing packets (a ...
(comp.dcom.sys.cisco)