Packet Inspection
Kenneth Porter
shiva at sewingwitch.com
Mon Jan 24 22:06:00 UTC 2005
--On Monday, January 24, 2005 6:28 PM +0100 Roland Kaeser
<roli at israel-jugendtag.ch> wrote:
> I know this would rater belong to the user list but I'm not a subscriber
> of this list so I try to post it here.
> I need a package inspection tool for a very large firewall project. The
> ipt_string functionality does not longer exist in the iptables
> implementation of the kernel 2.6 so I need a other tool which drops all
> packages or communication parts which contains dangerous contents. I've
> searched a lot of websites but I couldn't find anything which reliabley
> implements a such function. Is there somebody which has experiences in
> these field and can advise me? This functionality should been implemented
> on a Fedora 2 machine which stands in the front of the application level
> firewalls to prevent its from traffic which is not productive.
I'd strongly recommend asking on the netfilter list. Red Hat has a policy
of only adopting kernel features that are part of the upstream core kernel,
and doesn't include experimental stuff. So you'll probably need to get the
Fedora kernel source RPM and make a custom build with the additional
netfilter modules that you need.
I've quoted your whole question for those who might be able to answer once
they realize you mean IP packets and not RPM packages. I notice a lot of
people using "package" instead of "packet" and wonder if this
mistranslation is coming from some particular source? How did you come to
use the term "package"? Maybe we can go upstream and get the usage
corrected. (Mind you, I'm a dumb provincial American so I only speak one
language, and this isn't meant as an insult to those of you smart enough to
take on English in addition to your native language.)
More information about the devel
mailing list