Hello all,

I would like a developer account with LEAF. My sourceforge user id is
'scaron' (don't know the digital id yet).

My contribution is twofold:

1) PacketFilter, a tool used to transform a PC into a custom made networking
device. There is an abstract at the end of this message.

2) I would like to innovate in the packaging of these Linux "appliances".
PacketFilter is nothing more than a network setup script written for the LRP
environment. However, it is packaged separately of the traditional root.lrp,
etc.lrp, blah.lrp, ... :). By separating the "enclosure" from the
"appliance", you get the benefits of a robust base that can be maintained
independantly of the application which receives control from init just as in
the actual arrangement. This separation allows for the reuse of the
application with updated versions of the enclosure and reuse of the
enclosure with updated versions of any and all "appliances".

Regards,

Serge Caron

2. Abstract
This document presents a tool, PacketFilter, which you use to configure a
dedicated PC system into a custom made networking device, the MultiPurpose
Gateway (MPG). The primary focus of the project is the rapid deployment of a
robust solution for which the building blocks are bridging, routing, and
Network Address Translation (NAT). Typical deployment of a solution is 5 to
10 minutes once all the hardware is assembled.
At the IP level, the standard MPG configuration handles the ICMP, UDP, and
TCP protocols as well as the payload for the PPTP and L2TP/IPSec AH and ESP
protocols. By design, the MPG does not participate in the
authentication/encryption mechanisms of these protocols. If you do not
provide an IPSEC server, you must route (or NAT, if applicable) to the
appropriate server the key exchange required by any of the secure protocols.
As its name implies, PacketFilter sets up filtering rules to drop unwanted
IP traffic. These rules are applied to every network segment and
PacketFilter does not assume a networking model where most of your IP
traffic is outward bound to the Internet.
PacketFilter can setup for the MPG a DHCP server and/or a DNS
server/forwarder and/or a (small) PPP server. If you elect to use one, the
MPG can use a DHCP client, a PPPoE client, a PPP client, and/or static
allocation to setup a default route. By allowing more than one of these
methods, you have an automatic fallback configuration for your MPG.
Designed as a framework for your custom solution, you can edit all aspects
of PacketFilter to extend the software to satisfy your own needs. This
facility is available from the first boot. before the software even ran
once, and is menu driven to ease the operation.
PacketFilter is packaged for the Linux Router Project (LRP), an environment
that is designed to operate from a RAM disk. A Linux kernel and all of the
above software can be loaded from a single bootable diskette, which can be
operated read-only to enhance the security of your installation. No hard
disk installation is required.



_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Reply via email to