Hi Carmine the best sample application for doing conditional packet forwarding is pfdnabounce in userland/examples/. You should extend dummyProcessPacketZero() returning DNA_BOUNCER_PASS if a packet pass your filter, DNA_BOUNCER_DROP otherwise.
Best Regards Alfredo On Mar 28, 2013, at 8:05 PM, "[email protected]" <[email protected]> wrote: > Hi, I want to make an application that filters the incoming traffic on a 10G > NIC with DNA enabled ( Intel 82599) > > The basic filter should behave as follows for every IP packet: > > IF ( IP_SOURCE OR IP_DEST == A.B.C.D ) > FORWARD_PACKET(); > ELSE > DROP_PACKET(); > > I have to guarantee that also fragmented IP packets get filtered. What is the > best practice in order to get the best speed? > > I can't find online an example for such a simple filter with PFRING, > > Thank you in advance > Carmine > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
