Date: Mon, 25 Nov 2013 13:48:37 -0600 From: Frank Knobbe <frank@knobbe.us> To: freebsd-hackers <freebsd-hackers@freebsd.org> Subject: Re: Do pfil(9) hooks receive TCP retransmissions? Message-ID: <20131125194837.GC75749@knobbe.us> In-Reply-To: <20131125194243.GD6275@kiwi.coupleofllamas.com> References: <20131125181232.GB6275@kiwi.coupleofllamas.com> <20131125183829.GA75749@knobbe.us> <20131125190803.GC6275@kiwi.coupleofllamas.com> <20131125192633.GB75749@knobbe.us> <20131125194243.GD6275@kiwi.coupleofllamas.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 25, 2013 at 11:42:43AM -0800, R. Tyler Croy wrote: > I don't disagree with you that this might be a large amount of effort. > Unfortunately I've not found any existing tools that give me the ability to > create application layer filtering, while still acting as a full transparent > TCP proxy. > > Performing such filtering in an HTTP proxy is fine, but I'm more interested > (academically) in filtering traffic transparently across more than just HTTP. "filtering traffic transparently" sounds like an IPS to me. Have you looked at Snort or Suricata (both free IPS software) to perform the filtering you desire? Perhaps you could build something on top of these? Cheers, Frank
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131125194837.GC75749>