Do pfil(9) hooks receive TCP retransmissions?

Frank Knobbe frank at knobbe.us
Mon Nov 25 19:48:39 UTC 2013


On Mon, Nov 25, 2013 at 11:42:43AM -0800, R. Tyler Croy wrote:
> I don't disagree with you that this might be a large amount of effort.
> Unfortunately I've not found any existing tools that give me the ability to
> create application layer filtering, while still acting as a full transparent
> TCP proxy.
> 
> Performing such filtering in an HTTP proxy is fine, but I'm more interested
> (academically) in filtering traffic transparently across more than just HTTP.

"filtering traffic transparently" sounds like an IPS to me. 
Have you looked at Snort or Suricata (both free IPS software) to perform
the filtering you desire? Perhaps you could build something on top of these?

Cheers,
Frank


