Abstract :
One problem encountered while monitoring gigabit networks, is the
need to filter only those packets that are interesting for a given task while ignoring
the others. Popular packet filtering technologies enable users to specify complex
filters but do not usually allow multiple filters to be specified. This paper describes
the design and implementation of a new dynamic packet filtering solution that
allows users to specify several IP filters simultaneously with almost no packet loss
even on highly-loaded gigabit links. The advantage is that modern traffic monitoring
applications such as P2P, IPTV, and VoIP, monitoring and lawful interception can
dynamically set packet filters to efficiently discard packets into the operating system
kernel according to traffic, calls, and users being monitored.
