DiNS update. v1.07
Posted: Tue Feb 05, 2008 6:24 pm
by 01000101
In this update, I finally got the packet-passthrough to work so that it does not interrupt the network. Also, I did some tests using both speedtest.net and Ethereal (Wireshark) to see how much 'lag' there was with or without DiNS in the mix. The test concluded that there is no noticeable loss between packet transfers.
I have also tweaked my BitTorrent filtering a bit so that it not only stops downloads, but now it pseudo-accepts the initial handshake to fool the client into thinking all is well... just no clients can connect. Gnutella filtering is going nicely as well. Working on pseudo handshakes there as well.
My newest project is working on an HTTP server to dish out webpages to clients over the network. This part seems quite daunting of a task though.
Here is the latest speedtest from one computer running through a P4 with DiNS installed on a 12-Mb Comcast connection with speedburst.
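For readers who want to see what handshake-based filtering of the two protocols mentioned in this post involves, here is an added example; it is not DiNS code (DiNS is closed source) and every function and type name in it is hypothetical. It classifies the first payload bytes of a TCP stream using the publicly documented BitTorrent peer handshake and Gnutella connection request, and handles a signature split across segments.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum p2p_verdict { P2P_NONE, P2P_NEED_MORE, P2P_BITTORRENT, P2P_GNUTELLA };

/* BitTorrent peer handshake: length byte 19, "BitTorrent protocol",
 * 8 reserved bytes, 20-byte info_hash, 20-byte peer_id (68 bytes). */
static const char BT_MAGIC[] = "\x13" "BitTorrent protocol";
/* Gnutella 0.4 and 0.6 connection requests share this ASCII prefix. */
static const char GNUT_MAGIC[] = "GNUTELLA CONNECT/";

/* Match a signature that may arrive split across TCP segments. */
static enum p2p_verdict match_prefix(const uint8_t *p, size_t len,
                                     const char *magic, enum p2p_verdict hit)
{
    size_t mlen = strlen(magic);
    size_t n = len < mlen ? len : mlen;
    if (memcmp(p, magic, n) != 0)
        return P2P_NONE;               /* diverges from the signature */
    return len >= mlen ? hit : P2P_NEED_MORE;
}

/* Classify the first payload bytes of a new TCP stream. */
enum p2p_verdict classify_stream_start(const uint8_t *p, size_t len)
{
    if (len == 0)
        return P2P_NEED_MORE;          /* bare ACK: nothing to judge yet */
    enum p2p_verdict v = match_prefix(p, len, BT_MAGIC, P2P_BITTORRENT);
    if (v != P2P_NONE)
        return v;
    return match_prefix(p, len, GNUT_MAGIC, P2P_GNUTELLA);
}

/* Copy out the info_hash (offset 28) for logging; 0 if absent or truncated. */
int bt_info_hash(const uint8_t *p, size_t len, uint8_t out[20])
{
    if (len < 48 || classify_stream_start(p, len) != P2P_BITTORRENT)
        return 0;
    memcpy(out, p + 28, 20);
    return 1;
}

int main(void)
{
    /* Constructed sample: a Gnutella 0.6 connection request. */
    const char *req = "GNUTELLA CONNECT/0.6\r\nUser-Agent: example\r\n\r\n";
    printf("verdict=%d\n", classify_stream_start((const uint8_t *)req, strlen(req)));
    return 0;
}
```

A filter that acts on `P2P_NEED_MORE` has to keep per-connection state until enough bytes arrive; signature matching of this kind does not see encrypted or obfuscated peer connections.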
Why?
Posted: Wed Feb 06, 2008 5:11 pm
by lollynoob
Impressive that you've gotten all that working, but why would you want to stop bittorrent and gnutella downloads? Something like limiting speed I could understand (some sort of QoS implementation), but I don't think I'd like to use something that kills all my transfers because it feels like it. As far as security goes, downloading seems like a voluntary thing unless you're thinking of protecting against botnets or something, in which case you've got a different problem entirely (even if you stop the downloads, something still got through your security system).
Posted: Wed Feb 06, 2008 5:12 pm
by lukem95
Nice, I can't wait till you have a release, it sounds tasty.
Posted: Thu Feb 07, 2008 12:41 am
by pcmattman
lukem_95 wrote: Nice, I can't wait till you have a release, it sounds tasty.
Actually, if I remember previous discussions correctly, it's actually designed to run on custom hardware. The OP can correct me if I'm wrong.
Posted: Fri Feb 08, 2008 9:43 am
by 01000101
Actually, I'm working on a replica (ish) version to run on the x86_64 platform. So far it has the basics down, but that one will actually be publicly released (still closed source). I shoot to have it testable before the end of 2 weeks. You are correct on the dedicated hardware bit, although I am not releasing many details or the OS itself publicly, I don't see that it would make a difference anyways. =)
I am filtering BT and p2p because I intend to sell this product to corporations or other businesses to limit employee money-wasting and bandwidth consumption.
Also, I have just implemented a working bi-directional firewall for the upper-spectrum of ports. Soon hopefully I will have the http server up and running to accept customizable port ranges and if they will be bi-directional or just incoming filters.
Posted: Sun Feb 10, 2008 4:48 pm
by lollynoob
Oh awesome, I didn't realize you were marketing this to businesses--the filtering makes sense now. Congratulations on getting as far as you have, and I hope you make some money for your effort.
Posted: Mon Feb 11, 2008 12:35 am
by pcmattman
I wouldn't mind doing some testing for you on x86 hardware. We need such a system here. It'd depend mainly on what network devices you support at the moment, though.
Posted: Mon Feb 11, 2008 1:57 am
by 01000101
Great, the x86 version will end up supporting multiple network cards (as opposed to the other one). I would like to support most NE2K cards along with the primary cards of choice being the RTL8139 and the DP8390.
Also, in the future (probably not first beta) I will end up supporting filters for other packet architectures besides TCP/IP (AppleTalk, IPX, etc).
I've talked to some local businesses and schools and they show great interest in such a product, so hopefully I can play this right and give them the product that they want. Also, as opposed to Cisco's line of products that offer some web protection, the price will vary SIGNIFICANTLY. I'd like to eliminate the issue of businesses paying 30k+ for a Cisco product, when they can go with a cheaper solution < 10k. But I'm still crunching numbers on that side.