Return to BSD News archive
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.oz.au!news.Hawaii.Edu!ames!agate!spool.mu.edu!torn!news.unb.ca!jupiter.sun.csd.unb.ca!b6ps From: b6ps@jupiter.sun.csd.unb.ca (Peter Howlett) Newsgroups: comp.os.386bsd.apps Subject: Routing Software Date: 14 Jul 1994 17:13:00 GMT Organization: University of New Brunswick, Fredericton, NB, Canada Lines: 22 Message-ID: <303rms$a0s@sol.sun.csd.unb.ca> NNTP-Posting-Host: jupiter.unb.ca X-Newsreader: TIN [version 1.2 PL2] Howdy, I am wondering if there is a package that actually looks at packets and checks them out before the kernel routes them? The idea is to have a Net/FreeBSD machine as a firewall that only routes packets from certain hosts to the local subnet. Options like tcp_wrappers are out because we want to inspect packets that are not necessarily meant for the firewall but for machines on either side of it. Options like socks are not good because programs on the internal net need to be changed to use the socks library. If there is not a package like this, would it be a difficult thing do you think for me to use raw sockets to talk to the IP layer in the kernel? Or at least get the kernel to give me the packet instead of just routing the thing? (I have the gated source, I am trying to sort through it, but while I am doing this, I thought I'd try writing this note for other ideas.) ------------------------------------------------------------------- From: Peter Howlett University of New Brunswick Inet: b6ps@unb.ca Fredericton, N.B. Canada