[Wifidog] Version 1.0

Philippe April papril777 at yahoo.com
Fri Apr 23 07:44:47 EDT 2004 

I saw that howto, I thought it was very good and it would actually be the
best to manage the firewall with kernel calls.

However, I found it was pretty hard to integrate with WiFiDog because one
would need libiptc as a pre-requisite to compile WiFiDog (and usually, you
don't have those iptables sources with your OS).

We discarded the idea a couple of weeks ago but maybe I'll look into it
again and see if there's something feasible with it (maybe we could
include the libiptc sources with WiFiDog! :) )

I'll run some tests today and keep you posted.

Maybe Alex can do the same with ipf, see if it's easy to control with C
calls directly.

Philippe

> Maybe we can use libiptc to control our firewall...
> check the howto here : http://www.opalsoft.net/qos/libiptc/qlibiptc.html
>
> there's an intresting example how to calculate bandwidth usage in C.
>
> That might worth a look
>
> Tony
>
>
> On Thu, 2004-04-22 at 22:54, Alexandre Carmel-Veilleux wrote:
>> On Thu, Apr 22, 2004 at 07:24:37PM -0400, Philippe April wrote:
>> >
>> > If you can afford to say "probably not", maybe you could look at how
>> it
>> > should get done and suggest :) Since you have exposure to ipf and all
>> of
>> > those, maybe you can find a way that'll be easily portable.
>>
>> 	Heh ;-). I have a few ideas, including generating the firewall
>> scripts on the fly (or at start-up...) We could have a generation module
>> per firewall type. Simpler then using APIs and more versatile on a
>> platform where we don't have an advanced scripting language available.
>>
>> 	The generators would be mostly fprintf's.
>>
>> 	Added to this, we shift as much work to the firewall script,
>> maybe even one script.
>>
>> 	API side I'm not sure. Maybe we should only have one funtion,
>> fw_ctl() whose first argument is a flag that says something like
>> "FW_CLEANUP", "FW_ADD", "FW_DELETE", "FW_STAT"... Kind of like ioctl().
>>
>> 	This would work especially well with a single firewall script.
>>
>> > Ok let's focus on 1.0 with almost no custom stuff, then we'll debate
>> on
>> > this. I thought a mix would be good and I think we all agree about
>> this
>> > (local policies AND remote).
>>
>> 	That is something I can agree with. Let's get something into
>> early production.
>>
>> > Someone has to come up with a diagram explaining the classes, the
>> groups,
>> > etc.
>>
>> 	Definately. I'll try and see if I can squeeze it in.
>>
>> Alex
>>
>>
>> ______________________________________________________________________
>> _______________________________________________
>> Wifidog mailing list
>> Wifidog at isf.waglo.com
>> http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
> --
> May Linux be with you!
>
>
> _______________________________________________
> Wifidog mailing list
> Wifidog at isf.waglo.com
> http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
>


_______________________________________________
Wifidog mailing list
Wifidog at isf.waglo.com
http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com

More information about the Wifidog mailing list