Journal of Network and Systems Management

, Volume 15, Issue 3, pp 401–415

High-Speed Dynamic Packet Filtering

Article

DOI: 10.1007/s10922-007-9070-0

Cite this article as:
Deri, L. J Netw Syst Manage (2007) 15: 401. doi:10.1007/s10922-007-9070-0

Abstract

One problem encountered while monitoring gigabit networks, is the need to filter only those packets that are interesting for a given task while ignoring the others. Popular packet filtering technologies enable users to specify complex filters but do not usually allow multiple filters to be specified. This paper describes the design and implementation of a new dynamic packet filtering solution that allows users to specify several IP filters simultaneously with almost no packet loss even on highly-loaded gigabit links. The advantage is that modern traffic monitoring applications such as P2P, IPTV, and VoIP, monitoring and lawful interception can dynamically set packet filters to efficiently discard packets into the operating system kernel according to traffic, calls, and users being monitored.

Keywords

Passive packet capture Packet filtering Traffic monitoring Linux kernel 

Copyright information

© Springer Science+Business Media, LLC 2007

Authors and Affiliations

  1. 1.Ntop.orgPisaItaly

Personalised recommendations