Firewall Wizards mailing list archives

Re: IPTables QUEUE target equivalency in other firewalls

From: Barney Wolff <barney () pit databus com>
Date: Wed, 26 Feb 2003 15:21:28 -0500

ipfw certainly does, called divert.  It's used by natd but is general
and usable by others instead or in addition to natd.

On Wed, Feb 26, 2003 at 01:01:01PM -0700, Rod Marten wrote:

Netfilter/IPTables supports a target of QUEUE which delivers packets to
a userspace interface where they can be modified,inspected etc.  For
example, the QUEUE target is used by Snort-inline to inspect and
allow/drop packets in realtime.

Do any other firewalls have a similar function?  I am particularly
interested in ipFilter, ipfw, packetfilter, or PIX (I know PIX is highly
unlikely since it is more of a dedicated appliance).


-- 
Barney Wolff         http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

IPTables QUEUE target equivalency in other firewalls Rod Marten (Feb 26)
- Re: IPTables QUEUE target equivalency in other firewalls H. Morrow Long (Feb 27)
- Re: IPTables QUEUE target equivalency in other firewalls Barney Wolff (Feb 27)
- Re: IPTables QUEUE target equivalency in other firewalls John Dorsey (Feb 27)