Re: Firewall without network Stack

From: Vincent Labrecque (limitln@cooptel.qc.ca)
Date: 09/29/01


Date: Sat, 29 Sep 2001 12:27:00 -0500
From: Vincent Labrecque <limitln@cooptel.qc.ca>
To: Kyle Wheeler <memoryhole@cheerful.com>
Subject: Re: Firewall without network Stack
Message-ID: <20010929122700.A21593@silenus>



* Kyle Wheeler (memoryhole@cheerful.com) wrote:
> I've seen, somewhere, a project that was making a "shadow firewall" - a
> Linux box that just dumped everything from the network card to a
> user-land application (the kernel didn't have a network stack compiled)
> and let that handle filtering and routing packets. I'm trying to find it
> again...
>
> Has anyone seen anything like this?
>
> If not... any suggestions for places to look to begin hacking the kernel
> to make my own?
>
> ~Kyle Wheeler

 What's the point of this, beside slowing down everything?

 And where to start hacking, well, I think it would be in your network card's
code. What you do with the stuff you get from the network at that point, I
don't know, it's been too long since I played with the linux kernel...

Vincent Labrecque
limitln@cooptel.qc.ca
3656 74EE 7DF8 F731 701F D075 C26A 1F13 B0E2 69EE






Relevant Pages