this whole thing of a Java based firewall is nonsense, i think. you won't
be able to really capture packets not in socket mode without invoking JNI,
or Java Native Interfaces. so, you'd be porting the BPF to Java, and have
to do this for every platform you intend to run on.

the only other thing you could do is a Java based proxy, not a packet
filter, but .. given Java's ass slow performance, you may as well hand
deliver your connection requests.

i suggest you learn some hardcore C if you really want to do kernel work,
which is where a firewall has to live. go grab the following open source
firewalls and see how they work:

ipf:
        http://coombs.anu.edu.au/ipfilter/
        works on BSD, Solaris

ipchains:
        http://netfilter.kernelnotes.org/ipchains/
        linux 2.2

netfilter:
        http://netfilter.kernelnotes.org/
        linux 2.4

enjoy. oh, you'll probably also want to learn a) kernel programming and b)
ip stack programming. no, it's not easy.

____________________________
jose nazario                                                 [EMAIL PROTECTED]
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)
