Building a firewall from scratch


Right off the assembly line
Hi Guys! I am trying to develop a firewall from scratch in a Linux environment using C. Actually it's more of a Unified Threat Management system. I need some help in deciding which features to include, like antispam, content filtering, vulnerability analyzing, etc. I have exactly 1 year to complete this project, so please suggest which features can be coded completely in time.

I also need help in getting started. Actually I have broken the process of development into 4 stages, namely:

1. Capture the packet (using libcap)
2. Break the packet into headers and data (using libpcap)
3. Analyze the headers and data and make a decision
4. ACCEPT or DROP the packet (using netfilter in Linux)

It's the third step that will depend on the features which are included in the project. I plan to code using the UNIX Socket API.

Please help me out here in getting started.

Thanks in advance


Right off the assembly line
Yes, packet filtering is what I plan but what I am thinking of doing is breaking a packet into headers and data. Header analysis will be the "packet-filtering firewall" kind of thing and analyzing the data would be an "application-layer firewall" kind of thing.

I need to know whether I am on the right track.
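Added example, not part of either post above: a C sketch of stages 2 to 4 that splits one IPv4/TCP packet into headers and data, applies a header rule (packet-filter style) and a payload rule (application-layer style), and returns a verdict. It assumes the buffer starts at the IPv4 header; the function names, the blocked port and the marker string are hypothetical, and the sample packet builder produces constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum verdict { VERDICT_ACCEPT, VERDICT_DROP };
/* Hypothetical policy for this example: drop TCP destination port 23
 * (header rule) and any TCP payload containing the marker (data rule). */
#define BLOCKED_DPORT 23
static const char BLOCKED_TOKEN[] = "X-Blocked-Test";

/* Bounded substring search; packet payloads are not NUL-terminated. */
static int contains(const uint8_t *h, size_t hl, const char *n, size_t nl) {
    if (nl == 0 || hl < nl) return 0;
    for (size_t i = 0; i + nl <= hl; i++)
        if (memcmp(h + i, n, nl) == 0) return 1;
    return 0;
}

/* Every length field is checked against the captured length before it is
 * used as an offset; anything malformed or truncated fails closed (DROP). */
enum verdict inspect_ipv4(const uint8_t *p, size_t caplen) {
    if (caplen < 20 || (p[0] >> 4) != 4) return VERDICT_DROP;
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;            /* IP header length */
    size_t total = ((size_t)p[2] << 8) | p[3];         /* IP total length  */
    if (ihl < 20 || total < ihl || total > caplen) return VERDICT_DROP;
    if (p[9] != 6) return VERDICT_ACCEPT;              /* policy covers TCP only */
    if (total - ihl < 20) return VERDICT_DROP;         /* no room for TCP header */
    const uint8_t *tcp = p + ihl;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;          /* TCP header length */
    if (doff < 20 || doff > total - ihl) return VERDICT_DROP;
    unsigned dport = ((unsigned)tcp[2] << 8) | tcp[3];
    if (dport == BLOCKED_DPORT) return VERDICT_DROP;   /* header analysis */
    size_t plen = total - ihl - doff;
    if (contains(tcp + doff, plen, BLOCKED_TOKEN, sizeof BLOCKED_TOKEN - 1))
        return VERDICT_DROP;                           /* data analysis */
    return VERDICT_ACCEPT;
}

/* Constructed sample: minimal IPv4+TCP packet with no options. Checksums
 * are left zero and are not verified by inspect_ipv4(). Returns length. */
size_t build_sample(uint8_t *buf, size_t cap, uint16_t dport, const char *data) {
    size_t dl = strlen(data), total = 40 + dl;
    if (total > cap || total > 0xffff) return 0;
    memset(buf, 0, 40);
    buf[0] = 0x45; buf[2] = (uint8_t)(total >> 8); buf[3] = (uint8_t)total;
    buf[8] = 64; buf[9] = 6;                           /* TTL, protocol = TCP */
    buf[22] = (uint8_t)(dport >> 8); buf[23] = (uint8_t)dport;
    buf[32] = 0x50;                                    /* data offset = 5 words */
    memcpy(buf + 40, data, dl);
    return total;
}
```

In a real pipeline the buffer would come from the capture or queueing layer, and the returned verdict would be handed back to netfilter.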