On Fri, 2005-11-11 at 23:41 +0000, JP Beaudry wrote: > > I'm pretty new to kernel development and I'm currently attempting to > modify > a loadable kernel module. This module intercepts some of the > networking > calls (connect, accept, sendmsg, recvmsg, etc), presents them to a > security > engine and either completes or denies the calls based on the engine's > decision. This is done on RH3, kernel 2.4.21-4. can you post the URL to the sourcecode of this animal? to be honest I wonder why they sort of seem to duplicate firewall rules, and aren't using the firewall engine which provides hooks in all the right places... also you really shouldn't call setsockopt() in the kernel, it highly depends on the arguments being in userspace.... > -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
