I want to write a simple traffic identifiter based on netfilter hook functions because I think netfilter hook is easier to implement. I want this using regular expression to identify some layer-7 traffic such as ftp,p2p. But , considering ftp traffic is on layer 7 while netfilter hooks work on layer 3 , I wonder if it is possible ? If so , is that proper for the identifiter do lots of work on layer 3 aiming at some pattern match on layer 7? thx a lot .
There is the l7-filter project, which is based on netfilter. It has lots of predefined regexes.
Related
I am investigating SCTP and whether its useful for sending BULK SMS BUSSINESS in any way.So far my efforts have gone vain.I am not from telecom background.
So have faced some challeges to get acquainted.Perhaps any point of advice to use SCTP or ANY other part of SS7 leading to enhacement of the process of sending BULK SMS is highly appreciated.Many thanks for reading this
SCTP in itself will get you nowhere - you need one of the user adaption layers (e.g. M3UA, SUA) - and then the rest of the stack (e.g. in case of M3UA: SCCP, TCAP, MAP). This however will only be useful if you are an mobile operator and have a mobile operator license from your countries telco regulator - as no other operator will have much to do with you without this.
Closest you might get is SMPP interface from a Mobile operator - but these are usually not easily provided. So you are left with working with some other provider which already has arrangements in place with the operators in your country. Though it is theoretically possible that one of them might require you to use SCTP - it will not be to carry SS7 (i.e. MAP).
I want to implement SNMP-agent for PowerPC board using net-snmp.
Previously it was implemented using SMASH. SMASH has a parser
which could read MIB and generate C code (blank function imlementation)
How do I get started?
Try to look at mib2c tool from net-snmp. It will generate the snmp agent C code from the MIB. Then you have to only fulfill the return values to SNMP requests. Skeleton of responding to SNMP requests (get, set, get-next) are automatically done by generating.
Do you have a look to Writing a MIB module tutorial.
I took a different approach to this. In order to better integrate with my C++ ecosystem, and to obtain greater flexibility (particularly at scale), I:
Had a pre-build step parse the result of snmptranslate (that is, the MIB tree) into a bunch of C++ maps and other containers for use in code
Borrowed Net-SNMP's transport and PDU building functions
But serviced requests myself upon receipt, using my C++ maps and the data already available to my application
This made notification generation trivial (I just needed some variant types to generate varbinds, a bit of PDU construction and then left the rest to Net-SNMP's transport feature), although for requests I did then have to implement table walking myself (and GetNext/GetBulk/Set are not trivial unless you avoid all tables, or at least avoid composite-index tables).
The result is a fast, robust and scalable SNMP agent with expressive code that's easy to maintain and to extend.
You don't say you're using C++, but this does give an idea of how you can cherry-pick Net-SNMP functionality without necessarily buying into its entire ecosystem.
Do note that I have no idea how SNMPv3 would fit into this model; I cleverly left the company before it became my problem. :)
I've heard of On Board Units (OBU) can communicate via RS485.
My question is, how?
For example, I would like to ask the state of some runtime variables from the OBU (what doors are open?, etc.)
Or another example, I would like to send some data to the OBU (outside temperature).
What protocol must I implement to do these? Are the any sample implementations available somewhere?
Thanks,
krisy
I'm looking for some input on witch file transfer protocol to use over a serial line. I want to be able to transfer files of max 200 Mb size over a serial line (RS232) in both directions, but only one of the machines needs to be able to initiate the get/put (think master-slave).
The protocol also needs to be:
Easy/simple to implement since I would need to write both client and server myself (limited, embedded hardware)
Fairly robust, fault checking/recovery etc
At least somewhat standardized, in case I need to get a third party to implement it on some other hardware
Kermit? TFTP? Simplest possible home brew? What do you think?
In the beginning was the Xmodem, which was very simple to implement. Chuck Forsberg looked at the xmodem and decided it was inefficient, so he begat the Ymodem, but it's implementations were buggy and both x and ymodem were replaced with Zmodem.
Kermit followed on later. Kermit would probably be the "Standard" way to implement this. Do you have access to libraries for Kermit that will run on your embedded platform? If not I would probably consider one of the other options.
If ease of implementation is your primary concern then Xmodem wins hands down.
The new IObservable/IObserver frameworks in the System.Reactive library coming in .NET 4.0 are very exciting (see this and this link).
It may be too early to speculate, but will there also be a (for lack of a better term) IQueryable-like framework built for these new interfaces as well?
One particular use case would be to assist in pre-processing events at the source, rather than in the chain of the receiving calls. For example, if you have a very 'chatty' event interface, using the Subscribe().Where(...) will receive all events through the pipeline and the client does the filtering.
What I am wondering is if there will be something akin to IQueryableObservable, whereby these LINQ methods will be 'compiled' into some 'smart' Subscribe implementation in a source. I can imagine certain network server architectures that could use such a framework. Or how about an add-on to SQL Server (or any RDBMS for that matter) that would allow .NET code to receive new data notifications (triggers in code) and would need those notifications filtered server-side.
Well, you got it in the latest release of Rx, in the form of an interface called IQbservable (pronounced as IQueryableObservable). Stay tuned for a Channel 9 video on the subject, coming up early next week.
To situate this feature a bit, one should realize there are conceptually three orthogonal axes to the Rx/Ix puzzle:
What the data model is you're targeting. Here we find pull-based versus push-based models. Their relationship is based on duality. Transformations exist between those worlds (e.g. ToEnumerable).
Where you execute operations that drive your queries (sensu lato). Certain operators need concurrency. This is where scheduling and the IScheduler interface come in. Operators exist to hop between concurrency domains (e.g. ObserveOn).
How a query expression needs to execute. Either verbatim (IL) or translatable (expression trees). Their relationship is based on homoiconicity. Conversions exist between both representations (e.g. AsQueryable).
All the IQbservable interface (which is the dual to IQueryable and the expression tree representation of an IObservable query) enables is the last point. Sometimes people confuse the act of query translation (the "how" to run) with remoting aspects (the "where" to run). While typically you do translate queries into some target language (such as WQL, PowerShell, DSQLs for cloud notification services, etc.) and remote them into some target system, both concerns can be decoupled. For example, you could use the expression tree representation to do local query optimization.
With regards to possible security concerns, this is no different from the IQueryable capabilities. Typically one will only remote the expression language and not any "truly side-effecting" operators (whatever that means for languages other than fundamentalist functional ones). In particular, the Subscribe and Run operations stay local and take you out of the queryable monad (therefore triggering translation, just as GetEnumerator does in the world of IQueryable). How you'd remote the act of subscribing is something I'll leave to the imagination of the reader.
Start playing with the latest bits today and let us know what you think. Also stay tuned for the upcoming Channel 9 video on this new feature, including a discussion of some of its design philosophy.
While this sounds like an interesting possibility, I would have several reservations about implementing this.
1) Just as you can't serialize non-trivial lambda expressions used by IQueryable, serializing these for Rx would be similarly difficult. You would likely want to be able to serialize multi-line and statement lambdas as part of this framework. To do that, you would likely need to implement something like Erik Meijer's other pet projects - Dryad and Volta.
2) Even if you could serialize these lambda expressions, I would be concerned about the possibility of running arbitrary code on the server sent from the client. This could easily pose a security concern far greater than cross-site scripting. I doubt that the potential benefit of allowing the client to send expressions to the server to execute outweighs the security vulnerability implications.
8 (now 10) years into the future: I stumbled over Qactive (former Rxx), a Rx.Net based queryable reactive tcp server provider
It is the answer to the "question in question"
Server
Observable
.Interval(TimeSpan.FromSeconds(1))
.ServeQbservableTcp(new IPEndPoint(IPAddress.Loopback, 3205));
Client
var datasourceAddress = new IPEndPoint(IPAddress.Loopback, 3205);
var datasource = new TcpQbservableClient<long>(datasourceAddress);
(
from value in datasource.Query()
//The code below is actually executed on the server
where value <= 5 || value >= 8
select value
)
.Subscribe(Console.WriteLine);
What´s mind blowing about this is that clients can say what and how frequently they want the data they receive and the server can still limit and control when, how frequent and how much data it returns.
For more info on this https://github.com/RxDave/Qactive
Another blog.sample
https://sachabarbs.wordpress.com/2016/12/23/rx-over-the-wire/
One problem I would love to see solved with the Reactive Framework, if it's possible, is enabling emission and subcription to change notifications for cached data from Web services and other pull-only services.
It appears, based on a new channel9 interview, that there will be LINQ support for IObserver/IObservable in the BCL of .NET 4.
However it will essentially be LINQ-to-Objects style queries, so at this stage, it doesn't look like a 'smart subscribe' as you put it. That's as far as the basic implementations go in .NET 4. (From my understanding from the above interview)
Having said that, the Reactive framework (Rx) may have more detailed implementations of IObserver/IObservable, or you may be able to write your own passing in Expression<Func...> for the Subscribe paramaters and then using the Expression Tree of the Func to subscribe in a smarter way that suits the event channel you are subscribing to.