[EMAIL PROTECTED] wrote:
Hi,
At the university i am working on a project where i have to implement deep
packet inspection(payload inspection) with some firewall(i picked OpenBSD's
pf), currently i am thinking about design and implementation of that. One of
the most obvious options is to rdr packets to user-land proxy (just like ftp-
proxy)
Yes.
however i'd like to implement that in kernel-land.
You will be flamed, be warned.
So the question is:
What are possible ways of implementing payload inspection in kernel? How is it
possible to pass data from kernel-space to user-space(with kernel being
initiator of that transfer)?
There is many way.
You can use socket like the routing socket.
You can have the userland be the initiator,
and wait for data in the kernel:
for(;;) { get_kernel_data() }
Another question is where i can get some documentation on mbuf's, etc ?
man mbuf
Cedric
