Index of /anonymous/fire/netfilter

 Name                                      Last modified      Size  Description
 Parent Directory                                               -   
 ipnatctl-HOWTO-1.txt                      13-Sep-1999 02:26  3.4K  
 ipnatctl-HOWTO-2.txt                      13-Sep-1999 02:26  3.3K  
 ipnatctl-HOWTO-3.txt                      13-Sep-1999 02:26  4.2K  
 ipnatctl-HOWTO-4.txt                      13-Sep-1999 02:26  3.5K  
 ipnatctl-HOWTO-5.txt                      13-Sep-1999 02:26  2.7K  
 ipnatctl-HOWTO-6.txt                      13-Sep-1999 02:26  2.2K  
 ipnatctl-HOWTO-7.txt                      13-Sep-1999 02:26  837   
 ipnatctl-HOWTO-8.txt                      13-Sep-1999 02:26  550   
 ipnatctl-HOWTO-9.txt                      13-Sep-1999 02:26  555   
 ipnatctl-HOWTO.html                       13-Sep-1999 02:18  2.4K  
 iptables-HOWTO-1.txt                      13-Sep-1999 02:27  1.2K  
 iptables-HOWTO-2.txt                      13-Sep-1999 02:27  534   
 iptables-HOWTO-3.txt                      13-Sep-1999 02:27  5.8K  
 iptables-HOWTO-4.txt                      13-Sep-1999 02:27  1.4K  
 iptables-HOWTO-5.txt                      13-Sep-1999 02:28  2.6K  
 iptables-HOWTO-6.txt                      13-Sep-1999 02:28   27K  
 iptables-HOWTO-7.txt                      13-Sep-1999 02:28  1.7K  
 iptables-HOWTO.html                       13-Sep-1999 02:18  2.2K  
 kernel-hacking-HOWTO-1.html               27-Sep-1999 08:13  1.6K  
 kernel-hacking-HOWTO-2.html               27-Sep-1999 08:13  3.9K  
 kernel-hacking-HOWTO-3.html               27-Sep-1999 08:13  3.3K  
 kernel-hacking-HOWTO-4.html               27-Sep-1999 08:13  5.5K  
 kernel-hacking-HOWTO-5.html               27-Sep-1999 08:14   12K  
 kernel-hacking-HOWTO-6.html               27-Sep-1999 08:14  2.7K  
 kernel-hacking-HOWTO-7.html               27-Sep-1999 08:14  1.8K  
 kernel-hacking-HOWTO-8.html               27-Sep-1999 08:14  3.9K  
 netfilter-0.1.0.tar.bz2                   09-Jun-1999 14:33  215K  
 netfilter-0.1.1.tar.bz2                   14-Jun-1999 22:10  218K  
 netfilter-0.1.2.tar.bz2                   28-Jun-1999 16:04  222K  
 netfilter-0.1.3-0.1.3.1.diff.bz2          27-Jul-1999 23:11  2.0K  
 netfilter-0.1.3.1.tar.bz2                 27-Jul-1999 23:12  237K  
 netfilter-0.1.3.tar.bz2                   20-Jul-1999 18:12  237K  
 netfilter-0.1.4.tar.bz2                   13-Sep-1999 02:17  158K  
 netfilter-0.1.5.tar.bz2                   13-Sep-1999 02:17  178K  
 netfilter-0.1.6.tar.bz2                   13-Sep-1999 02:17  229K  
 netfilter-0.1.7-always-another-bug.patch  13-Sep-1999 02:18  290   
 netfilter-0.1.7.tar.bz2                   13-Sep-1999 02:17  226K  
 netfilter-0.1.8.tar.bz2                   17-Sep-1999 16:24  231K  
 netfilter-0.1.9.tar.bz2                   28-Sep-1999 08:30  234K  
 netfilter-0.1.10.tar.bz2                  05-Oct-1999 11:14  242K  
 netfilter-1999-05-12.tar.bz2              11-May-1999 18:42  245K  
 netfilter-1999-05-31.tar.bz2              30-May-1999 19:35  248K  
 netfilter-1999-06-04.tar.bz2              03-Jun-1999 15:43  259K  
 netfilter-1999-06-08.tar.bz2              08-Jun-1999 13:01  202K  
 netfilter-110200cvs.tar.gz                02-Nov-2000 09:51  387K  
 netfilter-hacking-HOWTO-1.txt             13-Sep-1999 02:28  6.2K  
 netfilter-hacking-HOWTO-2.txt             13-Sep-1999 02:28  5.1K  
 netfilter-hacking-HOWTO-3.txt             13-Sep-1999 02:28   37K  
 netfilter-hacking-HOWTO-4.txt             13-Sep-1999 02:28  3.8K  
 netfilter-hacking-HOWTO-5.txt             13-Sep-1999 02:28  410   
 netfilter-hacking-HOWTO-6.txt             13-Sep-1999 02:28  4.6K  
 netfilter-hacking-HOWTO.html              13-Sep-1999 02:19  3.1K  
 netfilter-hacking-HOWTO.txt               13-Sep-1999 02:28  1.7K  
 netfilter-patch-1999-04-28-1999-05-12.bz2 11-May-1999 18:44  172K  
 netfilter-patch-1999-05-12-1999-05-31.bz2 30-May-1999 19:34  170K  
 netfilter-patch-1999-05-31-1999-06-04.bz2 03-Jun-1999 15:45   16K  
 netfilter-patch-1999-06-08-0.1.0.tar.bz2  09-Jun-1999 14:34   39K  
 patch-netfilter-0.1.10-cleanup.bz2        05-Oct-1999 11:14  160K

Rusty's Netfilter Playground

Fri Jan 29 20:15:23 CST 1999

Features:

Modular framework for mangling packets (NAT, transparent proxying, TOS mangling, packet filtering) at various stages; there are 6 of these for IP: immediately on entering, pre-routing, pre-local-delivery, forwarding, local-pre-routing, and pre-output.
The ability to hand packets to userspace at any of these points (an example userspace packet device is included, and a port of the ipchains kernel code to userspace was achieved with an earlier version). I probably broke alot of locking doing this.
Beginning of a netfilter caching infrastructure; each hook ORs into a bitmask indicating what fields of the packet was examined. This will allow intelligent bypassing of these hooks in certain cases.
Mainly working implementation of NAT/masquerading/RNAT/transparent proxying.
New firewall tool `iptables'; the in-kernel code has been enhanced and modularized, while shedding 1k (2.0.35: 9520 bytes, 2.2.0: 11352 bytes, 2.2.0+netfilter: 10520 bytes).

TODO:

Many things, but here are the highlights:

Get rid of many nf_drop calls; come up with policy on when it should be called; it's designed to allow logging of packets dropped by routing code, etc.
Create framework for userspace control of NAT, for transparent proxying, and NAT in userspace.
Port special-case masq code to new structure, where possible implementing in userspace.
Port ipchains and ipfwadm as kernel modules: they should then be usable by the old ipfwadm and ipchain binaries.
More documentation, code cleanup.
Do something with caching info.

Enjoy,

Paul.Russell@rustcorp.com.au