Re: NETLINK and discerning input vs output packets

Paul Rusty Russell (Paul.Russell@rustcorp.com.au)
Fri, 18 Jun 1999 11:05:53 +0930

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mike A. Harris: "Odd filesystem permission handling"
Previous message: Konrad Podloucky: "Re: 2.2.9 Kernel Panic!"

In message <003701beb54b$c7a35f60$224304ce@binary9.net> you write:
> Well, the question is how do I tell what rule caused the packet to
> be dropped to userspace?

Set the mark in the rule; it appears through netlink. (eg. -m 1 -o,
-m 2 -o, etc).

> [ more details ]
> In reality what I am doing is writing a stateful/heuristic packet filter with
> ipchains.

See Brian Murrell's SPF, which does this: ftp://ftp.interlinx.bc.ca/pub/spf

Rusty.

-- Tridge, Raster, DaveM, Cort, maddog... Where will you be 9-11 July 1999? http://www.linux.org.au/projects/calu

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Mike A. Harris: "Odd filesystem permission handling"
Previous message: Konrad Podloucky: "Re: 2.2.9 Kernel Panic!"