Re: Firewall without network Stack

From: Vincent Labrecque (
Date: 09/29/01

Date: Sat, 29 Sep 2001 12:27:00 -0500
From: Vincent Labrecque <>
To: Kyle Wheeler <>
Subject: Re: Firewall without network Stack
Message-ID: <20010929122700.A21593@silenus>

* Kyle Wheeler ( wrote:
> I've seen, somewhere, a project that was making a "shadow firewall" - a
> Linux box that just dumped everything from the network card to a
> user-land application (the kernel didn't have a network stack compiled)
> and let that handle filtering and routing packets. I'm trying to find it
> again...
> Has anyone seen anything like this?
> If not... any suggestions for places to look to begin hacking the kernel
> to make my own?
> ~Kyle Wheeler

 What's the point of this, beside slowing down everything?

 And where to start hacking, well, I think it would be in your network card's
code. What you do with the stuff you get from the network at that point, I
don't know, it's been too long since I played with the linux kernel...

Vincent Labrecque
3656 74EE 7DF8 F731 701F D075 C26A 1F13 B0E2 69EE