Re: Firewall without network Stack

From: Vincent Labrecque (limitln@cooptel.qc.ca)
Date: 09/29/01

• Previous message: Carlos Amaya: "Re: Firewall without network Stack"
• In reply to: Kyle Wheeler: "Firewall without network Stack"
• Next in thread: Kyle Wheeler: "Re: Firewall without network Stack (SUMMARY)"
• Next in thread: Duane Waddle: "Re: Firewall without network Stack"
• Reply: Kyle Wheeler: "Re: Firewall without network Stack (SUMMARY)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 29 Sep 2001 12:27:00 -0500
From: Vincent Labrecque <limitln@cooptel.qc.ca>
To: Kyle Wheeler <memoryhole@cheerful.com>
Subject: Re: Firewall without network Stack
Message-ID: <20010929122700.A21593@silenus>

* Kyle Wheeler (memoryhole@cheerful.com) wrote:
> I've seen, somewhere, a project that was making a "shadow firewall" - a
> Linux box that just dumped everything from the network card to a
> user-land application (the kernel didn't have a network stack compiled)
> and let that handle filtering and routing packets. I'm trying to find it
> again...
>
> Has anyone seen anything like this?
>
> If not... any suggestions for places to look to begin hacking the kernel
> to make my own?
>
> ~Kyle Wheeler

 What's the point of this, beside slowing down everything?

 And where to start hacking, well, I think it would be in your network card's
code. What you do with the stuff you get from the network at that point, I
don't know, it's been too long since I played with the linux kernel...

Vincent Labrecque
limitln@cooptel.qc.ca
3656 74EE 7DF8 F731 701F D075 C26A 1F13 B0E2 69EE

---

• application/pgp-signature attachment: stored

---

• Previous message: Carlos Amaya: "Re: Firewall without network Stack"
• In reply to: Kyle Wheeler: "Firewall without network Stack"
• Next in thread: Kyle Wheeler: "Re: Firewall without network Stack (SUMMARY)"
• Next in thread: Duane Waddle: "Re: Firewall without network Stack"
• Reply: Kyle Wheeler: "Re: Firewall without network Stack (SUMMARY)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: PROBLEM: oops in 2.6.21.1 after bringing up the network ... I am consistently getting a kernel oops from a vanilla 2.6.21.1 kernel. ... I have the same problem here on an ASUS laptop with sis network ... # Linux kernel version: 2.6.21.1 ... # ACPI Support ... (Linux-Kernel) Re: CD writing in future Linux (stirring up a hornets nest) ... >> Linux kernel, or to avoid integrating a particular device into a unique SCSI ... By not treating ATAPI the same as all other SCSI devices. ... that are on the local network. ... (Linux-Kernel) Re: G/N pcmcia linux friendly network ... I am looking for PCMCIA network which is Linux friendly -- means I ... don't have to recompile my kernel. ... With a card that support n would be nice. ... (alt.linux) Re: Problems w. Promise SATA300 TX2plus PDC40775 ... I have a Debian Sarge system with 2.6.8-K7 linux kernel (original kernel from ... Raw IP | Low Level Network Programming ... # ACPI Support ... (Debian-User) Problem with network after new kernel tryout ... excited about what Linux can offer these days that I wanted to ... I made another Sarge installation (just to be sure not to ... break anything) and started updating its kernel. ... i cannot connect to network. ... (Debian-User)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-linux  > 2001-09