netdev

extending dst_entry

To: netdev@xxxxxxxxxxx
Subject: extending dst_entry
From: "Fruhwirth Clemens" <clemens-dated-1022873908.6a98@xxxxxxxxxxxxx>
Date: Sun, 26 May 2002 21:38:28 +0200
Sender: owner-netdev@xxxxxxxxxxx
User-agent: Mutt/1.3.28i
hi!

i'd like to add a netfilter module, which limits the diversity of tcp/udp
ports for a given remote peer via a token bucket filter. the aim of that is
mainly an instant response to port scans. it's quite easy to modify the
"limit" module that netfilter has right now, but in contrast to this module
my module will need to store information with every remote peer instead of a
global match rule state.
so i'm thinking about extending dst_entry and further dst.c to contain
netfilter specific code, which leads to a not so nice spaghetti code
architecture.

any other suggestions how i could store peer specific information without
implementing a dst_entry-styled hashtable on my own?

clemens

please CC me, not on list.

Attachment: pgp0NcphBqKzA.pgp
Description: PGP signature
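
The per-peer state the post describes, as an added userspace C sketch (not part of the original post and not netfilter code): a small hash table keyed by the remote IPv4 address, where each peer has its own token bucket and only a previously unseen port costs a token. All names and constants (`peer_allow`, `peer_get`, `PEER_SLOTS`, `RECENT`, `BURST`, `RATE_MS`) are assumptions.

```c
#include <stdint.h>
#include <string.h>

/* All names and constants here are assumptions made for this sketch. */
#define PEER_SLOTS 256   /* size of the per-peer hash table */
#define RECENT     8     /* ports remembered per peer */
#define BURST      5     /* bucket depth: new ports allowed in a burst */
#define RATE_MS    1000  /* one token is refilled every RATE_MS */

struct peer {
    uint32_t addr;           /* remote IPv4 address; 0 marks an empty slot */
    uint32_t tokens;         /* tokens left in this peer's bucket */
    uint64_t last_ms;        /* time the bucket was last refilled */
    uint16_t ports[RECENT];  /* ring of recently seen destination ports */
    unsigned count, next;    /* valid ring entries, next write position */
};
static struct peer table[PEER_SLOTS];

/* Find or create a peer's slot (linear probing; reuses home slot if full). */
static struct peer *peer_get(uint32_t addr, uint64_t now_ms)
{
    unsigned h = (addr * 2654435761u) % PEER_SLOTS;
    struct peer *p = &table[h];
    for (unsigned i = 0; i < PEER_SLOTS; i++) {
        struct peer *q = &table[(h + i) % PEER_SLOTS];
        if (q->addr == addr) return q;
        if (q->addr == 0) { p = q; break; }
    }
    memset(p, 0, sizeof(*p));  /* new peer: start with a full bucket */
    p->addr = addr; p->tokens = BURST; p->last_ms = now_ms;
    return p;
}

/* Return 1 to accept, 0 when the peer touched too many distinct ports.
 * now_ms is assumed to come from a monotonic clock. */
int peer_allow(uint32_t addr, uint16_t port, uint64_t now_ms)
{
    struct peer *p = peer_get(addr, now_ms);
    uint64_t refill = (now_ms - p->last_ms) / RATE_MS;
    if (refill) {
        p->tokens = p->tokens + refill > BURST ? BURST : (uint32_t)(p->tokens + refill);
        p->last_ms += refill * RATE_MS;
    }
    for (unsigned i = 0; i < p->count; i++)
        if (p->ports[i] == port) return 1;  /* known port: costs nothing */
    if (p->tokens == 0) return 0;           /* port diversity exceeded */
    p->tokens--;                            /* a new port costs one token */
    p->ports[p->next] = port;
    p->next = (p->next + 1) % RECENT;
    if (p->count < RECENT) p->count++;
    return 1;
}
```

A peer that keeps talking to the same few ports never drains its bucket, while one that walks across ports is cut off after `BURST` new ports and regains one per `RATE_MS`.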
