Tetsuo Handa [EMAIL PROTECTED] writes:
Hello, Samir.
Did you receive the following messages?
Since these messages were dropped at vger.kernel.org ,
I'm worrying that you couldn't receive the following messages.
Yes, I got it.
I will take time to investigate your example.
--
To unsubscribe
for FreeBSD:
http://caia.swin.edu.au/urp/newtcp/tools.html
http://caia.swin.edu.au/reports/070824A/CAIA-TR-070824A.pdf
And even more similar to this patch from Samir Bellabes of Mandriva:
http://lwn.net/Articles/202255/
Indeed, I was thinking about this idea. but yet, my goal is not to deal
you handle race window between security_socket_accept()
and sock-ops-accept()?
Samir Bellabes wrote:
My approach is to get the informations regarding the socket from
socket(), bind() and and accept() syscalls hooks.
Pushing this informations to userspace. Here the user can refuse or
accept
Tetsuo Handa [EMAIL PROTECTED] writes:
Hello.
Samir Bellabes wrote:
at security_socket_accept(), the user only accept the fact that the
application is able to go to sock-ops-accept(). That's the purpose of
this hook.
Yes. This hook can't perform filtering.
By filtering, you should mean
Tetsuo Handa [EMAIL PROTECTED] writes:
Hello.
Thank you for detailed explanation.
Samir Bellabes wrote:
No, it's performed from the userspace. the goal is to don't touch the
network stack at all.
OK. One thing I'm worrying.
Use of userspace process assumes that it shall not be killed
000..4fde17f
--- /dev/null
+++ b/drivers/connector/cn_net.c
@@ -0,0 +1,1118 @@
+/*
+ * drivers/connector/cn_net.c
+ *
+ * Network events connector
+ * Samir Bellabes [EMAIL PROTECTED]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU
can be put in driver_data.
Attached patch is doing it, but I didn't test it.
tree 602e0c2def631e82635b4f8aad762e69184af143
parent 5ecd3100e695228ac5e0ce0e325e252c0f11806f
author Samir Bellabes [EMAIL PROTECTED] 1181086775 +0200
committer Samir Bellabes [EMAIL PROTECTED] 1181086775 +0200
Search PHY
Evgeniy Polyakov [EMAIL PROTECTED] writes:
On Fri, Feb 09, 2007 at 05:43:14AM +0100, Samir Bellabes ([EMAIL PROTECTED])
wrote:
Hi,
Here is a new feature which can help firewalls to be more application
aware, so more useful for people.
Our previous discussion about cn_net and firewalls
Evgeniy Polyakov [EMAIL PROTECTED] writes:
On Fri, Feb 09, 2007 at 05:43:14AM +0100, Samir Bellabes ([EMAIL PROTECTED])
wrote:
Hi,
Here is a new feature which can help firewalls to be more application
aware, so more useful for people.
Our previous discussion about cn_net and firewalls
/~sbellabes/cn_net/
Signed-off-by: Samir Bellabes [EMAIL PROTECTED]
--
drivers/connector/Kconfig |8
drivers/connector/Makefile |1
drivers/connector/cn_net.c | 618
to improve it.
Thanks a lot,
Samir Bellabes
tree af484e2d54e2dc43312f171efe1426b236e97bd7
parent 1539b98b561754252dd520b98fa03a688a4f81b5
author Samir Bellabes [EMAIL PROTECTED] 1170995340 +0100
committer Samir Bellabes [EMAIL PROTECTED] 1170995340 +0100
[PATCH] Network Events Connector
David Miller [EMAIL PROTECTED] writes:
From: Samir Bellabes [EMAIL PROTECTED]
Date: Mon, 02 Oct 2006 08:11:06 +0200
This patch adds a connector which reports networking's events to
userspace. It's sending events when a sock has its sk_state changed to :
- LISTEN or CLOSE for DCCP and TCP
Evgeniy Polyakov [EMAIL PROTECTED] writes:
On Mon, Oct 02, 2006 at 02:57:55PM +0200, Samir Bellabes ([EMAIL PROTECTED])
wrote:
Evgeniy Polyakov [EMAIL PROTECTED] writes:
On Mon, Oct 02, 2006 at 08:11:06AM +0200, Samir Bellabes ([EMAIL
PROTECTED]) wrote:
You can also extend your module
, and the firewall, in a such way that the
firewall's router will forward incoming packet for this port to the user
box.
It will avoid adding specific rules to the user's firewall-script, and
let the firewall be more interactive for users.
Signed-off-by: Samir Bellabes [EMAIL PROTECTED]
---
drivers
Evgeniy Polyakov [EMAIL PROTECTED] writes:
On Mon, Oct 02, 2006 at 08:11:06AM +0200, Samir Bellabes ([EMAIL PROTECTED])
wrote:
This patch adds a connector which reports networking's events to
userspace. It's sending events when a sock has its sk_state changed to :
- LISTEN or CLOSE
. [1]
So far, it have been tested successfully with this devices:
RTL-8169
RTL-8169SC
RTL-8168
[1]
http://cvs.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/kernel-2.6/current/PATCHES/patches/DN85_r8169_others.patch?root=svnview=log
regards,
--
Samir Bellabes
Mandriva
-
To unsubscribe from
16 matches
Mail list logo