robbw@best.com said:
} Is this a Linux feature or a function of most operating systems? I'm
} wondering how to handle the property-based packet filtering, it sounds
} like a kernel level modification, or perhaps through libpcap? I know
} you can use libpcap to do property-based packet filtering before the
} packets reach the application layer, but can it also selectively
} remove packets (i.e., intercept and remove from the protocol stack)? It
} would be an intriguing experiment, I suspect.
It's a Linux feature, part of the firewall code. It might be in the recent
BSD variations since the original firewall code started there, but I guess
not since so many major changes were made to the Linux code.
john@vbc.net said:
} What facilities does Linux provide to do this, which kernel version is
} required? I was looking at doing something similar by hacking the IP
} code in the kernel but this sounds much better ....
In 2.0.x kernels you can take all forwarded packets matching a particular
mask (say something like source 192.168.2.0/24 to 0/0) and redirect them
to a specified local port. A proxy listening on that port can then take
the connection, check the end points (using getsockname()), and deal with
the connection.
You need to build a current kernel with firewalling options and
TRANSPARENT_PROXY support, and use ipfwadm 2.3 to set up the firewall rules
appropriately.
Further info can be found at
http://www.wwonline.com/~achau/ipmasq/
http://www.xos.nl/linux/ipfwadm/
There is also something called IP Filter which I am told can do similar
things, but I have not used it:
http://coombs.anu.edu.au/~avalon/
Nigel.
--
[ Nigel.Metheringham@theplanet.net - Unix Applications Engineer ]
[ *Views expressed here are personal and not supported by PLAnet* ]
[ PLAnet Online : The White House Tel : +44 113 251 6012 ]
[ Melbourne Street, Leeds LS2 7PS UK. Fax : +44 113 2345656 ]
[Q: You know when you run sendmail.... A: No, you DELETE sendmail]

Received on Fri Jan 03 1997 - 01:49:14 MST
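The scheme Nigel describes (redirect matching packets to a local port, then let a proxy recover the real end points with getsockname()) as a worked example. This is an added skeleton, not code from the thread or from ipfwadm; the ipfwadm rule in the header comment, the port 8080, the client subnet 192.168.2.0/24, and the helper names in_subnet(), format_endpoint() and original_destination() are all assumptions made for the illustration.

```c
/*
 * Transparent proxy skeleton for the ipfwadm/TRANSPARENT_PROXY scheme in
 * the message above.  Added example, not code from the thread; the rule
 * below, the port numbers and the client subnet are assumptions.
 *
 * Assumed ipfwadm 2.3 rule: redirect TCP from 192.168.2.0/24 to any host
 * port 80 into local port 8080, where this program listens:
 *   ipfwadm -I -a accept -P tcp -S 192.168.2.0/24 -D 0.0.0.0/0 80 -r 8080
 */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

#define PROXY_PORT    8080           /* assumed: port named in the -r option */
#define CLIENT_NET    "192.168.2.0"  /* assumed: -S network of the rule      */
#define CLIENT_PREFIX 24

/* 1 if addr lies in net/prefix (both host byte order).  Mirrors the rule's
   source mask so the proxy refuses anything the firewall should not have
   handed it. */
int in_subnet(uint32_t addr, uint32_t net, int prefix)
{
    uint32_t mask = prefix == 0 ? 0 : 0xffffffffu << (32 - prefix);
    return (addr & mask) == (net & mask);
}

/* Render "a.b.c.d:port" for logging; returns chars written or -1. */
int format_endpoint(const struct sockaddr_in *sa, char *buf, size_t len)
{
    char ip[INET_ADDRSTRLEN];
    if (!inet_ntop(AF_INET, &sa->sin_addr, ip, sizeof ip))
        return -1;
    return snprintf(buf, len, "%s:%u", ip, (unsigned)ntohs(sa->sin_port));
}

/* With TRANSPARENT_PROXY, getsockname() on the accepted socket yields the
   address the client originally dialed, not the proxy's own listener. */
int original_destination(int fd, struct sockaddr_in *dst)
{
    socklen_t len = sizeof *dst;
    return getsockname(fd, (struct sockaddr *)dst, &len);
}

/* Copy bytes between the two sockets until either side closes. */
static void relay(int a, int b)
{
    char buf[4096];
    for (;;) {
        fd_set rfds;
        FD_ZERO(&rfds);
        FD_SET(a, &rfds);
        FD_SET(b, &rfds);
        if (select((a > b ? a : b) + 1, &rfds, NULL, NULL, NULL) < 0)
            return;
        int from = FD_ISSET(a, &rfds) ? a : b;
        int to = from == a ? b : a;
        ssize_t n = read(from, buf, sizeof buf);
        if (n <= 0 || write(to, buf, (size_t)n) != n)
            return;
    }
}

int main(void)
{
    int ls = socket(AF_INET, SOCK_STREAM, 0), one = 1;
    struct sockaddr_in local;
    memset(&local, 0, sizeof local);
    local.sin_family = AF_INET;
    local.sin_port = htons(PROXY_PORT);
    local.sin_addr.s_addr = htonl(INADDR_ANY);
    setsockopt(ls, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
    if (bind(ls, (struct sockaddr *)&local, sizeof local) < 0 || listen(ls, 16) < 0) {
        perror("bind/listen");
        return 1;
    }
    signal(SIGCHLD, SIG_IGN);   /* reap relay children automatically */
    for (;;) {
        struct sockaddr_in peer, dst;
        socklen_t plen = sizeof peer;
        char from[32], to[32];
        int c = accept(ls, (struct sockaddr *)&peer, &plen);
        if (c < 0)
            continue;
        /* Check both end points, as the message suggests, before proxying. */
        if (!in_subnet(ntohl(peer.sin_addr.s_addr), ntohl(inet_addr(CLIENT_NET)), CLIENT_PREFIX)
            || original_destination(c, &dst) < 0) {
            close(c);
            continue;
        }
        format_endpoint(&peer, from, sizeof from);
        format_endpoint(&dst, to, sizeof to);
        fprintf(stderr, "proxy: %s -> %s\n", from, to);
        if (fork() == 0) {
            int up = socket(AF_INET, SOCK_STREAM, 0);
            close(ls);
            if (connect(up, (struct sockaddr *)&dst, sizeof dst) == 0)
                relay(c, up);
            _exit(0);
        }
        close(c);
    }
}
```

Two points worth checking on a real box: the proxy's own outbound connect() originates from the firewall host, not from 192.168.2.0/24, so it does not match the redirect rule and cannot loop back into port 8080; and without TRANSPARENT_PROXY in the kernel, getsockname() simply returns the listener's own address, so a sanity check that the recovered destination is not the proxy port itself is a cheap way to notice a misbuilt kernel.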
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:59 MST