As part of a broader organisational restructure, data networking research at Swinburne University of Technology has moved from the Centre for Advanced Internet Architecture (CAIA) to the Internet For Things (I4T) Research Lab.

Although CAIA no longer exists, this website reflects CAIA's activities and outputs between March 2002 and February 2017, and is being maintained as a service to the broader data networking research community.

Linux NetFilter

This is my old and outdated Linux NetFilter page. However, people still ask me for the promiscuous patch. So here it is.

I work a lot with the new Linux 2.4 Firewalling Code, which is called NetFilter. It is a very nice framework (hooorah for the NetFilter core team), not only for firewalling but also for accounting, packet capturing and packet mangling within the network.

The official NetFilter homepage can be found at

The previous version of the firewalling code before Linux 2.4 was called IPChains and can be found at

A nice tool for NetFilter is ULOG, which can be found here.

I have written some NetFilter modules myself. The first one adds a new promiscuous hook which gets all packets destined for other hosts while the NIC is in promiscuous mode. This new hook is included in a new table called 'meter'. It works quite stably with iptables-1.2.3.
Download netfilter-prom-patch.tgz

The second module matches RTP packets both over UDP and over TCP. The RTP over UDP classifier is quite stable while the RTP over TCP classifier is experimental. I have tested both with iptables-1.2.3.
Download netfilter-rtp-patch.tgz

I have modified the existing ToS match to allow more flexible matching, in particular to allow for classification with arbitrary DSCPs. I have tested the patch with iptables-1.2.3.
Download netfilter-tos-patch.tgz

Last Updated: Wednesday 31-Oct-2007 09:57:10 AEDT | Maintained by: Sebastian Zander | Authorised by: Grenville Armitage