Date:      Sat, 08 Feb 97 11:08:55 -0800
From:      "That Doug Guy" <tiller@connectnet.com>
To:        "FreeBSD Questions" <FreeBSD-Questions@freebsd.org>
Cc:        "FreeBSD-ISP@freebsd.org" <FreeBSD-ISP@freebsd.org>
Subject:   Packet filtering help please
Message-ID:  <199702081909.LAA11891@smtp.connectnet.com>

Howdy,  :-)

	I (still, *cough*) need information on packet filtering.  I looked at 
LINT, and found this about bpf:

#  The `bpfilter' pseudo-device enables the Berkeley Packet Filter.  Be
#  aware of the legal and administrative consequences of enabling this
#  option.  The number of devices determines the maximum number of
#  simultaneous BPF clients programs runnable.

	The man page for bpf was helpful, but went over my head sooner 
than I would have liked. :)  Where can I find more information (starting at a 
less ethereal level :) regarding what bpf is good for, and exactly what the 
dangers are?  

	The last time I asked, the best info I got was that for my purposes 
(occasional filtering of nuisance hosts) enabling the firewall option in the 
kernel, and using ipfw would be my best bet.  This issue has become 
somewhat more urgent as our system is being attacked by a pesky (and 
persistent) 15-year-old.  I never did receive an answer on how much 
overhead (CPU is the biggest consideration) this will add to my system.  Also, 
where can I find more info on how to construct rules?  (Beyond the man 
pages.)  I will be doing this all remotely, so getting it right the first time is 
essential.  

	I've heard that the O'Reilly book on TCP/IP Administration is really 
good... is this kind of information included in it?  I have 2 of their books 
already, and really like them.  Please note that I'm willing to do the digging 
to get the info myself, but I've run out of places to look.

Thanks in advance for any help you can offer,

Doug



