![]() ![]() It's almost like I'm asking for FUSE, except for firewalls instead of filesystems. I realize this is likely to lower the potential throughput, but perhaps the solution you guys recommend will have documentation that will let me clarify the impact of that caveat. For example, in HTTP traffic I may wish to check the Host header to determine what website the browser is attempting to visit. I'm envisioning that I would write a Java application, that would allow me to sniff the traffic to make a determination on whether it should be allowed. Examples of policy requirements include permitting only necessary Internet Protocol (IP) protocols to pass, appropriate source and destination IP addresses to. I'm only interested in ICMP, UDP and TCP packets. Is there some system for Linux or Illumos that will take all network packets, and provide them to my application to make a determination on whether they should be allowed, dropped or refused? (or re-written) I am only interested in using a high-level language, preferably Java or Node.JS. ![]() I posted a question on ServerFault about a specialized Firewall setup, but as an avid software developer I am also considering rolling my own. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |