netfilter as a driver
As an academic project, I want to develop a firewall that operates at the kernel level, capture all packets and analyse the header for restricted IPs. I also want to demonstrate some content analysis of the packet in real time to show how future IPS systems will work.
I am choosing to use netfilter and have the following questions -
Is there a much lower level (and therefore quicker) way to do this than the netfilter ?
Are there any time/speed/NIC/Wireless Card related constraints with the netfilter approach ?
Please answer these questions.