[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Ethernet with no IP address



Man - thanks so much for all the answers so quickly.  Without going into boring detail....I have a client that has a patent on a network security device that he now wants me to build a prototype for.  Part of the patent states that the device is 'invisible' to the Internet because it has no configured IP ports.  It is supposed to sit INLINE in the network somewhere (say between router and single PC) and filter/block packets that come through it to the destination PC or vica-versa.  It's kinda like a bridge (only with logic processing during the bridge operation).  If we address the ports, then I depart from the patent and I have no idea what is allowed from a legal standpoint in doing something like this.  As a high level application programmer (mostly Java for the past 15 years), I find myself woefully short on the knowledge/experience to accomplish such a task.

 

But again - thanks all for the responses!

 

Eric

 

From: Keith Osborne [mailto:keith@tdrnetworks.com]
Sent: Wednesday, July 10, 2013 8:56 AM
To: Eric Barnes
Cc: debian-firewall@lists.debian.org
Subject: Re: Ethernet with no IP address

 

Eric,

You'll need to enable IP forwarding in Debian and use IP tables to do packet inspection and act on whatever rules you write.

I don't see how Debian can be part of the process without the packets landing on a configured interfacce to examine the packets and then forward them based on rules. 

Keith

TDR Networks
[ hosting | e-commerce | custom development | linux | cisco ]
e: keith@tdrnetworks.com
w: http://www.tdrnetworks.com

On 10/07/2013 14:45, Eric Barnes wrote:

Greetings and Salutations;

 

Is it possible to access an Ethernet port in Debian WITHOUT it being configured? 

I would like a device that has two ports with no IPs and acts as a SWITCH, but with logic to examine and act on packets as they come through.

From the research I've done, this is not possible without developing custom device driver and/or possibly changing part of kernel.

Just looking for some confirmation either way from people that know.  :-)

 

Thanks,

Eric

 


Reply to: