Re: Plug command in iptables
From: Tim Haynes (usenet-20040517_at_stirfried.vegetable.org.uk)
Date: 05/17/04
- Next message: jisse: "Re: Plug command in iptables"
- Previous message: Nils Juergens: "Re: How to audit machine?"
- In reply to: Hal Murray: "Re: Plug command in iptables"
- Next in thread: Olivier: "Re: Plug command in iptables"
- Reply: Olivier: "Re: Plug command in iptables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 17 May 2004 11:57:31 +0100
hmurray@suespammers.org (Hal Murray) writes:
[snip]
>>with the scripting returning "ACCEPT" or "REJECT" according to some
>>parameters ( src ip / dest ip / src port / dest port / protocol etc )
>>
>>Or is my question just stupid?
>
> I'd call it impractical. The accept/reject decision is made in
> the kernal for each packet. There isn't time to run user code.
There's the whole user-mode queueing module whose existence suggests there
may be time to do something with some of the packets in code... :)
~Tim
-- So lead me to the river |piglet@stirfried.vegetable.org.uk Blood runs thicker than the water |http://pig.sty.nu/Pictures/
- Next message: jisse: "Re: Plug command in iptables"
- Previous message: Nils Juergens: "Re: How to audit machine?"
- In reply to: Hal Murray: "Re: Plug command in iptables"
- Next in thread: Olivier: "Re: Plug command in iptables"
- Reply: Olivier: "Re: Plug command in iptables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
