Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 17 Jan 2003 13:39:02 +0000
From:      Jian Song <Jian.Song@nominum.com>
To:        freebsd-ipfw@FreeBSD.ORG
Subject:   How to do tcp payload validation
Message-ID:  <3E280776.3060502@nominum.com>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi:

I need to do tcp payload validation.  Specifically, the tcp stream I am 
looking at contains multiple messages.  Each message has a two byte 
length header and immediately follow by the body.  I would like to 
monitor the tcp traffic and intercept each message.  If there is an 
error, I will send RSTs to both ends of the connection.  While I can do 
a BPF tap and do ip reassembly and tcp processing myself, I was 
wondering whether this can be achieved through ipfw or ipfilter.  I 
would like a TCP tap which pass tcp payload data to a user process for 
further validation.  This way, I don't have to worry about matching ACKs 
and do TCP stream reassembly.

Thanks,

Jian Song


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?3E280776.3060502>