> with bit of a digging also found function inet_add_protocol() which
> probably could also be used(?) but it seems that it is affecting only IP
> traffic :(.
And it makes each user a copy of the packet.
> What little I have so far understood about firewall chains is that when I
> make the module it needs in initialization to register new chain.
> "register_firewall(PF_(PACKET,INET?),&ipfw_ops)"
PF_xxx is the family you wish to listen for (you can register for multiple)
> Would it then be neccesary use ipchains program in (l)user space so that
> ALL net traffic would go trough this module?
No. ipchains controls the ipchains/ip_fw.c firewall. The register_firewall
hooks are much more generic
> Just trying to find a way to put all net traffic trough a function(s) that
> would totally mess the packets up (send on,modify them,drop em,send em
> back,etc) and in a way that it'd work in 2.0 and 2.2 (hopefully 2.4 no
> major net changes there?).
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
