[PATCH] New feature in Packet Filter
Quentin Narvor
quentin.narvor at gmail.com
Thu Apr 7 08:48:58 UTC 2011
Hello,
My name is Quentin Narvor and I am currently working on intrusion detection.
I use Freebsd 8.2 and I recently needed pf to be able to dynamically fill in
tables according pass rule.
For performances reasons, I didn't want to do it with a script and pfctl.
Then, with the help of Mr Nicolas Greneche, I made this patch named "add".
It enables pf to add src ip or dst ip in a table when a match occurs on a
pass rule.
I submit this patch to your attention. Is this feature is of interest to be
added in PF mainstream ?
You will find the patch and its documentation in attachment.
Let me know if you think that some modifications are needed.
Best regards,
Quentin Narvor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Doc_patch_ADD.pdf
Type: application/pdf
Size: 69144 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20110407/c0ddcbcd/Doc_patch_ADD-0001.pdf
-------------- next part --------------
A non-text attachment was scrubbed...
Name: add.patch
Type: text/x-patch
Size: 13832 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20110407/c0ddcbcd/add-0001.bin
More information about the freebsd-net
mailing list