[Edu-sig] ports
Stephen R. Figgins
fig@oreilly.com
Mon, 15 May 2000 07:26:17 -0700
>A firewall is a difficult thing to try to build!
How about a packet sniffer or a port blocker? Those might be easier
to start out with. You would still need to work with packets at the
IP level.
Although, these tasks are usually very process intensive. I know
whenever we run a packetsniffer CPU cycles go way up and the system
slows down a lot. Python might not be the most appropriate language
for this kind of thing. I doubt there is a Python module for it.
The only thing I have read about dealing with this low level network
stuff is Appendix E of Unix Systems Programming for SVR4 (O'Reilly
1996). It describes the Data Link Provider Interface (DLPI) available
on SVR4 systems. I suspect that the Linux kernel has an API to work
directly with the kernel as well, and that might be even faster.
Windows probably has its own API as well.
If you know C, you could try getting a packet sniffing program and see
how it was written. One using DLPI can be found in the example code
from Unix Systems Programming for SVR4.
ftp://ftp.oreilly.com/pub/examples/nutshell/sys.prog/
I love playing with low level stuff, you learn a lot that way.
Stephen R. Figgins
fig@oreilly.com