Re: Transparent caching

From: Nigel Metheringham <>
Date: Fri, 03 Jan 1997 09:37:57 +0000

said:
} Is this a linux feature or a function of most operating systems? I'm
} wondering how to handle the property-based packet filtering, it sounds
} like a kernel level modification, or perhaps through libpcap? I know
} you can use libpcap to do property-based packet filtering before the
} packets reach the application layer, but can it also selectively
} remove packets (ie, intercept and remove from the protocol stack)? It
} would be an intriguing experiment, I suspect.

It's a linux feature, part of the firewall code. It might be in the recent
BSD variations since the original firewall code started there, but I guess
not since so many major changes were made to the linux code.

said:
} What facilities does linux provide to do this, which kernel version is
} required, I was looking at doing something similar by hacking the IP
} code in the kernel but this sounds much better ....

In 2.0.x kernels you can take all forwarded packets matching a particular
mask (say something like source to 0/0) and redirect them
to a specified local port. A proxy listening on that port can then take
the connection, check the end points (using getsockname()), and deal with
the connection.

You need to build a current kernel with firewalling options,
TRANSPARENT_PROXY support and use ipfwadm 2.3 to set up the firewall rules.

Further info can be found at

There is also something called IP filter which I am told can do similar
things, but I have not used it:-


[   - Unix Applications Engineer ]
[ *Views expressed here are personal and not supported by PLAnet* ]
[ PLAnet Online : The White House          Tel : +44 113 251 6012 ]
[ Melbourne Street, Leeds LS2 7PS UK.      Fax : +44 113 2345656  ]
[Q: You know when you run sendmail....  A: No, you DELETE sendmail]
Received on Fri Jan 03 1997 - 01:49:14 MST
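
The end-point check described in the message above, as an added example that is not part of the original post or of any project it mentions: a proxy accepts a connection, reads the address the client dialled with getsockname(), and refuses to treat a connection made straight to its own listener as an intercepted one (relaying that would loop back into the proxy). The names proxy_accept, selftest_direct and struct endpoints are hypothetical, and the listener is assumed to be bound to one specific address rather than INADDR_ANY.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

struct endpoints {
    struct sockaddr_in client;  /* from accept(): who opened the connection */
    struct sockaddr_in target;  /* from getsockname(): address they dialled */
    int intercepted;            /* 0 = client dialled the listener itself */
};

/* Accept one connection on lfd and record both of its endpoints.
   bound is the listener's own address. Returns the new fd, or -1. */
int proxy_accept(int lfd, const struct sockaddr_in *bound, struct endpoints *ep)
{
    socklen_t cl = sizeof ep->client, tl = sizeof ep->target;
    int c = accept(lfd, (struct sockaddr *)&ep->client, &cl);
    if (c < 0) return -1;
    if (getsockname(c, (struct sockaddr *)&ep->target, &tl) < 0) { close(c); return -1; }
    /* Target equal to our own listener: nothing was redirected, and
       relaying to "target" would connect the proxy back to itself. */
    ep->intercepted = ep->target.sin_addr.s_addr != bound->sin_addr.s_addr ||
                      ep->target.sin_port != bound->sin_port;
    return c;
}

/* Constructed loopback check: a client dials the listener directly, so the
   connection must be classified as not intercepted. Returns 0 on success. */
int selftest_direct(void)
{
    struct sockaddr_in bound;
    struct endpoints ep;
    socklen_t len = sizeof bound;
    int lfd = socket(AF_INET, SOCK_STREAM, 0), cfd = socket(AF_INET, SOCK_STREAM, 0);
    int afd = -1, ok;
    memset(&bound, 0, sizeof bound);
    bound.sin_family = AF_INET;
    bound.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: kernel picks */
    ok = lfd >= 0 && cfd >= 0 && bind(lfd, (struct sockaddr *)&bound, len) == 0 &&
         listen(lfd, 4) == 0 &&
         getsockname(lfd, (struct sockaddr *)&bound, &len) == 0 &&
         connect(cfd, (struct sockaddr *)&bound, len) == 0 &&
         (afd = proxy_accept(lfd, &bound, &ep)) >= 0 && !ep.intercepted;
    close(afd); close(cfd); close(lfd);   /* close(-1) is a harmless no-op */
    return ok ? 0 : -1;
}
```

On later Linux kernels that redirect with netfilter's REDIRECT target, the original destination is read with getsockopt(SO_ORIGINAL_DST) instead of getsockname().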
