Feature request for IPFW
Erik Nørgaard
norgaard at locolomo.org
Thu Feb 9 14:06:15 PST 2006
Hi:
First, I don't use IPFW myself, so please accept my apologies if these
features are present in IPFW - in that case it might be a good idea to
highlight this.
New legislation is under way in the EU regarding retention of traffic
data (see link at bottom). The official purpose is to fight terrorism
and organised crime. I shall not go into the polemics or lobbying for or
against.
Of course, such directives do not set legal requirements on FreeBSD as
such, but businesses need technical solutions to comply with this
directive.
Hence, this directive may guide the choice of the technical solution,
and this is why it is relevant to FreeBSD: To ensure that FreeBSD will
be an option.
This said, I think that these features could also be quite useful for
businesses in order to investigate incidents.
Who:
The data retention directive requires "providers of publicly available
electronic communications services or of a public communications
network" to log and store traffic data.
This is pretty broad; while exclusions may be adopted, this includes
anything from public libraries to large ISPs having to log and store
traffic data.
What:
Traffic data is defined as all data needed to identify the source and
destination of a communication and duration. If traffic is routed
through a proxy or NAT'ed this includes any "translation" data.
The details are specified in the annex of the referred document, and
include the MAC address of the node(s).
The technical solution:
For Internet communication the following must be logged:
source ip, port and mac, destination ip, port, identity translation
(NAT) data. Time of initiation, duration or time of termination.
The gateway has access to all this information; with the exception of the
NAT data and duration, all is supported, but:
The nice solution would be to enable logging when entries are made or
deleted from the NAT table. This will include all the required
information with the possible exception of the MAC address.
So to sum up: My request is to support logging of changes to the NAT table.
When:
The directive is still a proposal, and once accepted member states are
usually given two years to implement it into national law.
Why hurry:
1) It will be quite nice to be able to advertise FreeBSD as supporting the
directive by the time it takes effect.
2) Some countries are ahead of time and have adopted similar legislation
although the state is not clear as the enforcement may have been delayed
to wait for the common rules.
The proposal as is (now) can be found here:
http://europa.eu.int/information_society/policy/ecomm/doc/info_centre/communic_reports/data_retention/retention_proposal_en_com_2005_0438.pdf
Best regards, Erik
--
Ph: +34.666334818 web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
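As an added example (not code from the post or from FreeBSD), the Python script below shows what the proposed logging of NAT table insertions and deletions would yield once correlated: it pairs each "add" with its matching "del" to produce the per-translation retention record the post lists (source ip, port and MAC, translated address, destination, time of initiation, duration). The log line format, field names and sample lines are constructed assumptions, not ipfw's or natd's real output.

```python
import re
from datetime import datetime, timezone

# Constructed sample lines (not real ipfw or natd output): one line per NAT
# table insertion ("add") or deletion ("del"), as the post proposes logging.
SAMPLE_LOG = """\
2006-02-09T14:00:01Z add proto=tcp src=192.168.1.10:51000 mac=00:11:22:33:44:55 nat=203.0.113.5:40001 dst=198.51.100.7:80
2006-02-09T14:00:03Z add proto=tcp src=192.168.1.11:51001 mac=00:11:22:33:44:66 nat=203.0.113.5:40002 dst=198.51.100.9:443
2006-02-09T14:02:31Z del proto=tcp src=192.168.1.10:51000 mac=00:11:22:33:44:55 nat=203.0.113.5:40001 dst=198.51.100.7:80
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ev>add|del) proto=(?P<proto>\w+) src=(?P<src>\S+) "
    r"mac=(?P<mac>\S+) nat=(?P<nat>\S+) dst=(?P<dst>\S+)$"
)

def parse_ts(text):
    """Parse the UTC timestamp used in the (assumed) sample line format."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def build_retention_records(log_text):
    """Pair every NAT 'add' with its 'del' and return one record per
    translation: source ip:port and MAC, translated ip:port, destination
    ip:port, start time, end time and duration in seconds."""
    open_entries = {}   # (proto, src, nat, dst) -> record still in the NAT table
    records = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unrecognised line: skip rather than guess at its fields
        f = m.groupdict()
        key = (f["proto"], f["src"], f["nat"], f["dst"])
        ts = parse_ts(f["ts"])
        if f["ev"] == "add":
            open_entries[key] = {k: f[k] for k in ("proto", "src", "mac", "nat", "dst")}
            open_entries[key].update(start=ts, end=None, duration_s=None)
            continue
        rec = open_entries.pop(key, None)
        if rec is None:
            # Deletion without a recorded insertion (e.g. logging began mid-session):
            # keep the record, but start time and duration are unknown.
            rec = {k: f[k] for k in ("proto", "src", "mac", "nat", "dst")}
            rec.update(start=None)
        rec["end"] = ts
        rec["duration_s"] = (ts - rec["start"]).total_seconds() if rec["start"] else None
        records.append(rec)
    # Translations still present when the log ends have no end time or duration yet.
    records.extend(open_entries.values())
    return records
```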