From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Andy Loukes <andy@loukes.com>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: Netfilter development project
Date: Wed, 13 Aug 2008 20:13:59 +0200 [thread overview]
Message-ID: <48A32467.80703@netfilter.org> (raw)
In-Reply-To: <000501c8fd68$da840390$8f8c0ab0$@com>
Andy Loukes wrote:
> My company needs to develop two netfilter applications.
>
> First a simple daemon which listens on a tcp socket for messages which
> inform it to add or remove specific iptables rules. It needs to be
> secure, very high performance and deal with multiple concurrent
> requests. We currently use iptables rules, but when I get time I'm going
> to try out using IPSet as it seems more appropriate.
I don't know if there exists something similar so far, but it should not
be hard to implement this.
> Second an accounting daemon, it needs to connect to another server using
> a to-be-defined protocol to update the packet and byte counts, in and
> out per source ip address.
I can extend ulogd [1] or the conntrack-tools [2] to do this, it should
not be hard either. Probably your company can sponsor this extension. We
can discuss the details in private.
[1] http://www.netfilter.org/projects/ulogd/index.html
[2] http://conntrack-tools.netfilter.org
--
"Los honestos son inadaptados sociales" -- Les Luthiers
next prev parent reply other threads:[~2008-08-13 18:39 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-13 17:20 Netfilter development project Andy Loukes
2008-08-13 18:13 ` Pablo Neira Ayuso [this message]
[not found] ` <002101c90c64$f40dae50$dc290af0$@com>
2008-09-02 8:46 ` high number of rule changes per second (was Re: Netfilter development project) Pablo Neira Ayuso
2008-09-04 7:40 ` Jesper Dangaard Brouer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48A32467.80703@netfilter.org \
--to=pablo@netfilter.org \
--cc=andy@loukes.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.