Pozadavek na specialni uctovani
Gratz Jaroslav
xgratz01 na stud.fee.vutbr.cz
Čtvrtek Prosinec 7 14:39:15 CET 2000
On Thu, 7 Dec 2000, Lukas Macura wrote:
> mel bych takovy dotaz. Potrebuji si napsat svoji tarifikacni aplikaci
> (ipchains mi nestaci), ktera pojede v user-levelu a bude si
> tarifikovat po svem. Jde mi ted jen o to, jak co nejjednoduseji a
> nejefektivneji oznacit pakety, ktere bych chtel pretahovat do
> userlevelu (pujde pouze o TCP/IP) a take o to, jak dostat do
> userlevelu pouze to co potrebuji (source port, source ip, destination
> port, destination ip, size) a ne samotna data paketu. Da se to nejakym
> standardnim zpusobem pod 2.2 kernelem ?
Mozna vam pomuze tohle:
IP: firewall packet netlink device
CONFIG_IP_FIREWALL_NETLINK
If you say Y here, you can use the ipchains tool to copy all or part
of any packet you specify that hits your Linux firewall to optional
user space monitoring software that can then look for attacks and
take actions such as paging the administrator of the site.
To use this, you need to create a character special file under /dev
with major number 36 and minor number 3 using mknod ("man mknod"),
and you need (to write) a program that reads from that device and
takes appropriate action.
Jaroslav Gratz
Další informace o konferenci Linux