Stephen Hemminger <step...@networkplumber.org> writes: > > The point is that doing it outside of TCP core is safer, less error prone > and more flexible.
Or to put the question differently: what hooks would be needed to make this efficiently work in user space? It could be something like this: Firewall the port with forwarding the SYN packets using nfqueue, check for the SYN having the right magic, change a firewall rule, re-inject using nfqueue (not fully sure how well that works) -Andi -- a...@linux.intel.com -- Speaking for myself only -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/