Firewalling IPX ?

Post by Ben McKeegan » Sat, 16 May 1998 04:00:00



We've got two networks, an administrative one and an academic one, each
with its own netware 3.12 server. We use a linux box to firewall IP, and
I would like to do the same with IPX, so that the admin server is either
not visible or not accessible from the academic network. This is of
increasing importance as our academic IPX network is soon to be linked to
the rest of the university network.

The catch is that the academic server itself must be able to talk to the
admin one (for arcserve backup) and one of the PCs connected to the
admin network needs to be able to access both servers.

Has anybody attempted to hack a kernel to filter IPX, or alternatively
tried hacking ipxripd to prevent certain routes being advertised to parts
of the network?

If the answer is no, I intend to do one or other of these myself. Any
useful pointers to help me with this task would be greatly appreciated.

Thanks.

--
/   Ben McKeegan                                                       \
\   Fitzwilliam College, University of Cambridge, UK.                  /

Firewalling IPX ?

Post by Paul Russel » Mon, 18 May 1998 04:00:00



> Has anybody attempted to hack a kernel to filter IPX, or alternatively
> tried hacking ipxripd to prevent certain routes being advertised to parts
> of the network?

Not that I am aware of.

> If the answer is no, I intend to do one or other of these myself. Any
> useful pointers to help me with this task would be greatly appreciated.

OK.  It's actually fairly simple to do.  You would probably be best
off making it a module, for easy development, but that might be
ambitious for a start.  Your code needs to call
register_firewall(PF_INET, &ipxfw_ops), where ipxfw_ops is a struct
containing pointers to input, forward and output firewall functions
(see the bottom of net/ipv4/ip_fw.c for an example).

In the simplest case, these functions simply return FW_ACCEPT or
FW_BLOCK.

I have no idea about the IPX header structure, so I have no idea where
your code needs to look inside the packet.  But hardcoding up
something which works for your immediate case should take you 1 hour
or so + testing time.

I implemented a new firewall variant for IP; you could look at my
2.0.33 patch for an idea on how to do it (your code would probably
start less full-featured than this).

Feel free to contact me if you need more help or want a second pair of
eyes,
Rusty.
--
 .sig lost in the mail
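As an added example (not code from either poster), here is the user-space decision logic such an IPX forward hook would run: parse the fixed 30-byte IPX header and apply the policy Ben describes, so only the academic server may reach the admin network while admin-side traffic towards the academic server passes. All network numbers and node addresses are constructed, and FW_ACCEPT/FW_BLOCK are this example's own defines, not the kernel's.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Return codes in the spirit of the 2.0 firewall hooks; values are this example's own. */
#define FW_BLOCK  0
#define FW_ACCEPT 1
#define IPX_HDR_LEN 30 /* checksum(2) length(2) tc(1) type(1) dst net/node/sock(12) src net/node/sock(12) */

struct ipx_hdr { uint32_t dst_net, src_net; uint8_t dst_node[6], src_node[6]; uint16_t dst_sock, src_sock; };

static uint32_t be32(const uint8_t *p) { return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | p[2] << 8 | p[3]; }
static uint16_t be16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static void put32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v;
}

/* Parse the fixed IPX header (multi-byte fields are big-endian); returns 0 if the packet is truncated. */
int parse_ipx(const uint8_t *pkt, size_t len, struct ipx_hdr *h) {
    if (len < IPX_HDR_LEN) return 0;
    h->dst_net = be32(pkt + 6);  memcpy(h->dst_node, pkt + 10, 6); h->dst_sock = be16(pkt + 16);
    h->src_net = be32(pkt + 18); memcpy(h->src_node, pkt + 22, 6); h->src_sock = be16(pkt + 28);
    return 1;
}

/* Constructed network numbers and node addresses standing in for the poster's site. */
#define ADMIN_NET    0x0000A001u
#define ACADEMIC_NET 0x0000A002u
static const uint8_t ACADEMIC_SERVER[6] = {0x00, 0x00, 0x1B, 0x11, 0x22, 0x33};
static const uint8_t OTHER_NODE[6]      = {0x00, 0x00, 0x1B, 0x99, 0x99, 0x99};

/* Forward decision: academic -> admin passes only from the academic server (backup traffic);
 * admin -> academic (the admin PC reaching the academic server, and replies) passes untouched;
 * runt packets fail closed rather than being forwarded unparsed. */
int ipx_forward_policy(const uint8_t *pkt, size_t len) {
    struct ipx_hdr h;
    if (!parse_ipx(pkt, len, &h)) return FW_BLOCK;
    if (h.src_net != ACADEMIC_NET || h.dst_net != ADMIN_NET) return FW_ACCEPT;
    return memcmp(h.src_node, ACADEMIC_SERVER, 6) == 0 ? FW_ACCEPT : FW_BLOCK;
}

/* Build a constructed header-only NCP packet (type 17, socket 0x0451) and run the policy on it. */
int policy_for(uint32_t src_net, const uint8_t *src_node, uint32_t dst_net) {
    uint8_t pkt[IPX_HDR_LEN] = {0xFF, 0xFF, 0x00, IPX_HDR_LEN, 0x00, 0x11};
    put32(pkt + 6, dst_net);  memset(pkt + 10, 0x01, 6);     pkt[16] = 0x04; pkt[17] = 0x51;
    put32(pkt + 18, src_net); memcpy(pkt + 22, src_node, 6); pkt[28] = 0x40; pkt[29] = 0x00;
    return ipx_forward_policy(pkt, sizeof pkt);
}

int main(void) {
    printf("academic server -> admin: %d\n", policy_for(ACADEMIC_NET, ACADEMIC_SERVER, ADMIN_NET));
    printf("academic host   -> admin: %d\n", policy_for(ACADEMIC_NET, OTHER_NODE, ADMIN_NET));
    printf("admin host      -> academic: %d\n", policy_for(ADMIN_NET, OTHER_NODE, ACADEMIC_NET));
    return 0;
}
```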