[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Filtering questions
From:       Mika Borner <opensolaris () bluewin ! ch>
Date:       2009-06-07 16:54:21
Message-ID: 19324_1244394366_4A2BF37E_19324_3791_1_4A2BF0BD.80908 () bluewin ! ch
[Download RAW message or body]

Hi all

I have three questions:

-Is it possible to fast-route only fragmented packets? We plan to route 
port 25 traffic to an outgoing spamfilter running on Solaris. In rare 
cases, we might have fragmented packets in our network. In that case 
only the first packet will get rerouted, as the following fragments do 
not contain port information and will never be received by the 
spamfilter. I would like to handle this in a sane way...

-As some customers misuse port 25 for non-SMTP-traffic, I would like to 
either block or transparently pass such traffic. The "simple matching of 
content" -feature would come very close to what I want. Is it still 
experimental? Or maybe someone knows of an other way to accomplish this...

-Are there instructions how to replace Solaris 10U7 ipf with a custom one?

Thanks for your help!

Cheers
Mika
[prev in list] [next in list] [prev in thread] [next in thread]