Andy Loukes wrote:
> My company needs to develop two netfilter applications.
>
> First a simple daemon which listens on a tcp socket for messages which
> inform it to add or remove specific iptables rules. It needs to be
> secure, very high performance and deal with multiple concurrent
> requests. We currently use iptables rules, but when I get time I'm going
> to try out using IPSet as it seems more appropriate.

I don't know if there exists something similar so far, but it should not be hard to implement this.

> Second an accounting daemon, it needs to connect to another server using
> a to-be-defined protocol to update the packet and byte counts, in and
> out per source ip address.

I can extend ulogd [1] or the conntrack-tools [2] to do this, it should not be hard either. Probably your company can sponsor this extension. We can discuss the details in private.

[1] http://www.netfilter.org/projects/ulogd/index.html
[2] http://conntrack-tools.netfilter.org

--
"Honest people are social misfits" -- Les Luthiers