Firewalls: Re: packet filter metalanguage

Firewalls
(December 1992)

Indexed By Thread: [Previous] [Next]

Subject:	Re: packet filter metalanguage
From:	jim @ tadpole . com (Jim Thompson)
Date:	Sat, 12 Dec 92 01:24:50 CST
To:	Firewalls @ GreatCircle . COM, brent @ GreatCircle . COM

Brent Chapman <brent @
 GreatCircle .
 COM> writes:

	(I like the NetBlazer syntax much better, by the
	way; it's much shorter and simpler).

Ah, but it implies contiguous bits, which ain't necessarily so.

	The option would be "log", and would specify whether or not you
	syslog the packet the tripped that filter, as well as the
	action taken by the filter.

Syslog is probably the *wrong* mechanism, but I agree that some form
of packet logging is desirable.  The user should be able to specify an
IP address/port pair where all packets to be 'logged' are sent.

Jim

Follow-Ups:

Re: packet filter metalanguage
From: avalon @ coombs . anu . edu . au (Darren Reed)

Indexed By Date	Previous:	address mask (was: packet filter metalanguage) From: Bob Sutterfield <bob @ MorningStar . Com>
Indexed By Date	Next:	Firewalls Digest V1 #48 From: phr @ napa . Telebit . COM (Paul Rubin)
Indexed By Thread	Previous:	address mask (was: packet filter metalanguage) From: Bob Sutterfield <bob @ MorningStar . Com>
Indexed By Thread	Next:	Re: packet filter metalanguage From: avalon @ coombs . anu . edu . au (Darren Reed)