I am investigating an option to use netfilter to allow/deny traffic from the local subnet based on rules/accounting information that is in another (Java based) system. I am new to netfilter so, I can someone offer some suggestions: 1. Is netfilter the right place to hook or should I look at a firewall that may provide some higher level hooks for authentication and accounting? 2. If I should hook into netfilter, is it a good idea to call into a JVM from a netfilter module? 3. I am not sure what kind of control I have when using the userspace driver but, should I use that in this situation? Can I use that directly from Java so I wouldn't have the hassel of calling into a JVM from a native process? If anyone can offer any other suggestions or examples, that would be appreciated. Thanks. Tony
