Hi guys, I've got some skills in C language, and as a project for my studies, I'd like to develop a layer-7 filtering tool with PF, like this one which works with Linux/Netfilter: http://l7-filter.sourceforge.net/
So I'd like to know if there is some documentation, book or whatever explaining precisely the PF internals, and how to add some userspace features, because I guess it's a not a good idea to add some regexp code in kernelspace :). I googled a bit, and I've found the book "Building Firewalls with OpenBSD and PF, 2nd ed." by Jacek Artymiak. I've read the online available chapters, it sure seems interesting for setting up a firewall with PF, but I don't think it deals with its internal mechanisms. Naturally, I'm also looking at the pfctl sources included in src.tar.gz, but some help/advice would be greatly appreciated. Thanks for your time. P.S: I didn't know where to ask, but misc was the most appropriated I guess. -- Regards, Pierre-Yves Rofes
