Results 1 - 10
of
1,632
The BSD Packet Filter: A New Architecture for User-level Packet Capture
, 1992
"... Many versions of Unix provide facilities for user-level packet capture, making possible the use of general purpose workstations for network monitoring. Because network monitors run as user-level processes, packets must be copied across the kernel/user-space protection boundary. This copying can be m ..."
Abstract
-
Cited by 568 (2 self)
- Add to MetaCart
be minimized by deploying a kernel agent called a packet filter, which discards unwanted packets as early as possible. The original Unix packet filter was designed around a stack-based filter evaluator that performs sub-optimally on current RISC CPUs. The BSD Packet Filter (BPF) uses a new, registerbased
Assessment of Packet Filter Technology
, 2006
"... Packet filters are widely adopted security technologies that provide strong security defenses to a network. However, despite their strength they also pose a danger with a false sense of security. In this paper, we assess packet filter technology to provide an increased understanding of their limitat ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
Packet filters are widely adopted security technologies that provide strong security defenses to a network. However, despite their strength they also pose a danger with a false sense of security. In this paper, we assess packet filter technology to provide an increased understanding
Adaptive Packet Filters
- in Proceeding of IEEE GLOBECOM’01
, 2001
"... Adaptive Packet Filters (APFs) are motivated by the proliferation of distributed servers and the lack of Quality-of-Service (QoS) management solutions for them. APFs merge packet-filtering and server load monitoring into a novel load-sensitive packet-filtering abstraction for overload protection and ..."
Abstract
- Add to MetaCart
Adaptive Packet Filters (APFs) are motivated by the proliferation of distributed servers and the lack of Quality-of-Service (QoS) management solutions for them. APFs merge packet-filtering and server load monitoring into a novel load-sensitive packet-filtering abstraction for overload protection
Packet Filtering in an IP Router
- In Proceedings of the fifth Large Installation Systems Administration Conference
, 1991
"... By using existing information in packet headers, routers can provide system administrators a facility to manage network connections between computers. Host address, network number, interface, direction, protocol, and port number are parameters that may be used to implement an access control policy. ..."
Abstract
-
Cited by 5 (0 self)
- Add to MetaCart
. We present experiences developing the packet filtering facility in the NetBlazer dial-up IP router. We address the sometimes conflicting design goals of efficient performance and ease of administration by choosing internal data structures that simplify per packet lookup and then devoting 90 per cent
Packet Filtering in an IP Router
- In Proceedings of the fifth Large Installation Systems Administration Conference
, 1991
"... By using existing information in packet headers, routers can provide system administrators a facility to manage network connections between computers. Host address, network number, interface, direction, protocol, and port number are parameters that may be used to implement an access control polic ..."
Abstract
- Add to MetaCart
policy. We present experiences developing the packet filtering facility in the NetBlazer dial-up IP router. We address the sometimes conflicting design goals of efficient performance and ease of administration by choosing internal data structures that simplify per packet lookup and then devoting 90
Detecting and Resolving Packet Filter Conflicts
, 2000
"... 1 Packet filters are rules for classifying packets based on their header fields. Packet classification is essential to routers supporting services such as Quality of Service (QoS), Virtual Private Networks (VPNs), and firewalls. A filter conflict occurs when two or more filters overlap, creating an ..."
Abstract
-
Cited by 71 (1 self)
- Add to MetaCart
1 Packet filters are rules for classifying packets based on their header fields. Packet classification is essential to routers supporting services such as Quality of Service (QoS), Virtual Private Networks (VPNs), and firewalls. A filter conflict occurs when two or more filters overlap, creating
High-Speed Dynamic Packet Filtering
"... ntop.org One problem encountered while monitoring gigabit networks, is the need to filter only those packets that are interesting for a given task while ignoring the others. Popular packet filtering technologies enable users to specify complex filters but do not usually allow multiple filters to be ..."
Abstract
-
Cited by 11 (2 self)
- Add to MetaCart
ntop.org One problem encountered while monitoring gigabit networks, is the need to filter only those packets that are interesting for a given task while ignoring the others. Popular packet filtering technologies enable users to specify complex filters but do not usually allow multiple filters
The Packet Filter: An Efficient Mechanism for User-level Network Code
- IN PROCEEDINGS OF THE ELEVENTH ACM SYMPOSIUM ON OPERATING SYSTEMS PRINCIPLES
, 1987
"... Code to implement network protocols can be either inside the kernel of an operating system or in user-level processes. Kernel-resident code is hard to develop, debug, and maintain, but user-level implementations typically incur significant overhead and perform poorly. The performance of user-level ..."
Abstract
-
Cited by 222 (7 self)
- Add to MetaCart
-level network code depends on the mechanism used to demultiplex received packets. Demultiplexing in a user-level process increases the rate of context switches and system calls, resulting in poor performance. Demultiplexing in the kernel eliminates unnecessary overhead. This paper describes the packet filter
Ffpf: Fairly fast packet filters
- In Proceedings of OSDI’04
, 2004
"... FFPF is a network monitoring framework designed for three things: speed (handling high link rates), scalability (ability to handle multiple applications) and flexibility. Multiple applications that need to access overlapping sets of packets may share their packet buffers, thus avoiding a packet copy ..."
Abstract
-
Cited by 49 (13 self)
- Add to MetaCart
performance compared to existing approaches such as BSD packet filters, and especially shines when multiple monitoring applications execute simultaneously. Flexibility is achieved by allowing expressions written in different languages to be connected to form complex processing graphs (not unlike UNIX
Results 1 - 10
of
1,632