Application layer classifier for ipfw

Mike Makonnen mtm at wubethiopia.com
Sat Aug 2 11:25:06 UTC 2008


Ermal Luçi wrote:
> On Fri, Aug 1, 2008 at 12:21 PM, Mike Makonnen <mtm at wubethiopia.com> wrote:
>   
>> Ermal Luçi wrote:
>>     
>>> Thanks for this.
>>> I have a question, you remove a flow from if you see a FIN for the TCP
>>> case and only on overlapping flow for either TCP/UDP how do the other
>>> flows expire i am missing that part?
>>>
>>>
>>>       
>> No, you're not missing anything.  It's on my TODO list. I wanted to get
>> this out and get feedback as early as possible, so I released it as soon as
>> I had it basically working.  I'm thinking of storing some session
>> information
>> for the flow (like a timestamp for the last packet seen) and implementing
>> a garbage collector thread that removes sessions that have been idle for
>> some period of time.
>>
>>     
>
> BTW, why not make it a port?!
>   

That's the plan as soon as I'm happy with it. I've created a sourceforge 
project (I just haven't had time to set it up yet), and in a few weeks 
I'll submit a port for it.

Cheers.

-- 
Mike Makonnen       | GPG-KEY: http://people.freebsd.org/~mtm/mtm.asc
mtm @ FreeBSD.Org   | AC7B 5672 2D11 F4D0 EBF8  5279 5359 2B82 7CD4 1F55
FreeBSD             | http://www.freebsd.org



More information about the freebsd-net mailing list