LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-07-2007, 11:31 AM   #1
vishamr2000
Member
 
Registered: Aug 2004
Posts: 210

Rep: Reputation: 31
building a connection tracking mechanism!!


Hi to all,

I want to implement a simple connection tracking mechanism similar to that of IPTables but for the Layer 2 filtering tool Ebtables (for the TCP packets only). The connection tracking mechanism will have to keep track of mac addresses as well sequence numbers.

I wanted some help about the following:

1) what files do I have to look at in IPtables and then inspire myself from in order to build the conntrack mechanism? IS there a basic version of the IPTables conntrack (when it was first developed and includes only the strict minimum functionality. This will help me understand the source code more easily and not get lost)?

2) What other pieces of information do you think might be important for me to keep in mind in order to build the system? Any tips & suggestions are most welcome..

Thx in advance...

Warm regards,
Visham Ramsurrun

Last edited by vishamr2000; 01-07-2007 at 11:32 AM.
 
Old 01-07-2007, 12:04 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
I want to implement a simple connection tracking mechanism similar to that of IPTables but for the Layer 2 filtering tool Ebtables (for the TCP packets only).
Good luck!


IS there a basic version of the IPTables conntrack
Check kernel/iptables CVS, SVN (or whatever they use these days) or email Rusty (IIRC and there's only one ;-p).


What other pieces of information do you think might be important for me to keep in mind in order to build the system?
I would guard against going down that road alone if there's ongoing initiatives. I'd strongly recommend hooking up with the official Iptables/Ebtables development team.


BTW, maybe this thread would be better off in the Programming forum as they aren't really Linux Security questions IMO.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
disable connection tracking lmqhfx Fedora - Installation 1 09-17-2005 10:31 PM
Help with connection tracking vishamr2000 Linux - Security 1 05-27-2005 09:37 AM
Help with connection tracking!! vishamr2000 Linux - Security 1 05-27-2005 04:47 AM
nat/masquerade, connection tracking b0uncer Linux - Networking 2 07-20-2004 04:22 AM
Connection tracking for Active FTP paradoxlight Linux - Networking 1 03-25-2003 03:18 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration