Hi there,
I am doing a project on VoIP security. I need to implement a
Application layer gateway on top of the linux firewall. But I have no
clue how to do it, I hope someone can help me with it.
The current firewall uses IP_QUEUE to pick up a packet,
authenticate it, then do something with the packet, and forward the
packet to the server. However, IP_QUEUE only has a single FIFO queue
(is this correct?), if the system is under a flooding attack, this
firewall can't help to reduce the effect of the attack.
I want to add a priority on the firewall. To prioritize the
packets, deep packet inspection is needed, then packets need to be put
in different queues depending on the caller and callee numbers.
Could anyone please give me some suggestion on how to make this happen?
Thank you very much,
Ling
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
