On Tue, Aug 08, 2006 at 12:41:13AM +0200, Pierre-Yves Rofes wrote: > Hi guys, > > I've got some skills in C language, and as a project for my studies, I'd > like to develop a layer-7 filtering tool with PF, like this one which > works with Linux/Netfilter: http://l7-filter.sourceforge.net/ > > So I'd like to know if there is some documentation, book or whatever > explaining precisely the PF internals, and how to add some userspace > features, because I guess it's a not a good idea to add some regexp code > in kernelspace :).
Look at /usr/src/usr.sbin/ftp-proxy, interacts with pf and runs in userspace. > > I googled a bit, and I've found the book "Building Firewalls with OpenBSD > and PF, 2nd ed." by Jacek Artymiak. I've read the online available > chapters, it sure seems interesting for setting up a firewall with PF, but > I don't think it deals with its internal mechanisms. It's for firewall builders, not kernel developers > > Naturally, I'm also looking at the pfctl sources included in src.tar.gz, > but some help/advice would be greatly appreciated. > > Thanks for your time. > > P.S: I didn't know where to ask, but misc was the most appropriated I guess. > > -- > Regards, > Pierre-Yves Rofes > > Tobias
