userland packet filtering
- To: tech@openbsd.org
- Subject: userland packet filtering
- From: Brandin L Claar <claar@arl.psu.edu>
- Date: Wed, 30 May 2001 18:53:31 -0400
- Content-Disposition: inline
- User-Agent: Mutt/1.2.2i
I was curious if anyone had any opinions on what would be the most
efficient and/or straightforward methods for implementing a userland
packet filter with OpenBSD, namely pulling packets out of the kernel
and putting them back in. Specifically, it would be nice to have a
pseudodevice that can be configured to steal packets from any
interface, then reinject them locally or into the routing code.

There's always bpf and tun, but I'm not sure they would be ideal in
the long run. If anyone can explain otherwise, please do.

I think the development of userland firewall code would spur interest
in developing more sophisticated features. If efficiency truly became
an issue, then time could be spent to port the code back into the
kernel.
--
Brandin Claar
Network Analyst
Penn State Applied Research Lab