Transparent bridging / smart rate limiting

Linux Advanced Routing and Traffic Control


I’ve decided to try to make a transparent bridge that should drop packets based on some weird rules.

I have googled around a bit and couldn’t find any information about what I would like to do.

And therefore I now send a mail to this mailing list in the hope that someone can either help me or point me in the right direction.

What I want to do is the following:

Make a transparent bridge that starts dropping ICMP packets that are oversized (malicious ICMP), drop all SYN packets that come from spoofed hosts (non-existent IPs), and drop other obvious malicious traffic.

My problem is not dropping packets (hehe); the problem is dropping packets based on these rules, so that legit ICMP/SYN traffic etc. will not be affected by the rules.

I’ve done some testing with Hogwash as a transparent bridge to intercept and block malicious packets. I was, however, not able to use Hogwash to drop ICMP/SYN based on the rules clarified above.

If someone could point me in the right direction (maybe someone has some examples?), I would be very grateful.

Thanks in advance for any help.

Yours,

Tor Inge Kloumann

Stfu-certified engineer

