Subject: Re: divert socket?
To: luke <luke@cis.nctu.edu.tw>
From: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
List: tech-kern
Date: 10/24/2001 13:56:40
On Wed, 24 Oct 2001, luke wrote:
> Does NetBSD has mechanism similar to divert socket in FreeBSD or
> iptables QUEUE target in Linux?
> I want to convey some packets from kernel to user space applicatoin which is
> an intrusion detection system(IDS).
> If IDS finds malicious packets, it will drop them, otherwise, it will pass
> them to kernel again.
I don't know about divert sockets, but I see two alternatives:
1) the standard bpf interface as used e.g. by IDS systems like
snort (it's in pkgsrc)
2) the tun(4) tunnel device
- Hubert
--
Want to get a clue on IPv6 but don't know where to start? Try this:
* Basics -> http://www.onlamp.com/pub/a/onlamp/2001/05/24/ipv6_tutorial.html
* Setup -> http://www.onlamp.com/pub/a/onlamp/2001/06/01/ipv6_tutorial.html
Of course with your #1 IPv6 ready operating system -> http://www.NetBSD.org/