[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ipchains in hurd
|
From: |
Peter Novodvorsky |
|
Subject: |
ipchains in hurd |
|
Date: |
09 Jan 2002 23:29:54 +0300 |
|
User-agent: |
Gnus/5.09 (Gnus v5.9.0) Emacs/21.1 |
Hello!
I discovered accidential feature in hurd that may be not realized
by developers. It should be possible to build and run ipchains from
linux 2.2 and they should work.
IP Firewalling in linux is done using setsockopt. socket is raw
created using socket(AF_INET, SOCK_RAW, IPPROTO_RAW) and then you can
do
setsockopt(sockfd, IPPROTO_IP, IP_FW*, void *optval, socklen_t optlen)
requests. In hurd, pfinet will pass last three values to it's linux
part and linux part should work as it works in regular environemt.
Do we need this? I had talk with Marcus on IRC today, and he said that
we should think about design of firewalling in Hurd. He said that
using this setsockopt hack might be not very good and we need to try
some better way.
Anyway, I think that port of ipchains should be done.
Peace,
Peter.
--
Peter Novodvorsky Deadheads, unite!
Moscow State University, CS dept. nidd@cs.msu.su
Debian Project nidd@debian.org
ALT Linux Team, Russia nidd@alt-linux.org
- ipchains in hurd,
Peter Novodvorsky <=