Next Generation Nothingness

Yesteryear’s predictions

It’s time to shed a light on the following question: are Next Generation Firewall (NGFW) growth projections up until 2016 realistic? The assertion in question has been made just a year ago. Channelnomics wrote the following on the topic:

“By 2016, NGFWs will secure 35 percent of all Internet connections, in what will become a $10 billion market (including VPNs and intrusion prevention systems).”


Invoke directories recursively with GNU make

Hi folks, I guess we all have had this problem and we mostly solve it in a crude way by hardcoding directories into static targets. But since fiddling around with BSD make, here’s a way to make this a bit more flexible for GNU make. Your Makefile will look like this:

SUBDIR= dir1 dir2 dir3


Granted this isn’t much, because the logic is hidden in the file, which is put into the project’s root directory:


Bye bye OpenDPI

I was there when they announced the proud arrival of the open source DPI engine OpenDPI. Totally in awe, I may add. A generous move towards the community. A chance to better the bitter fight in the field of net neutrality. The promise of easing the fear-mongering between governments and digital rights activists. Or just a clever marketing move? The industry cried out, but nobody heard their screams. The masses rejoiced, at least for a while.


Reinventing the wheel of DPI

So there I was reading up on the latest advancements of DPI (Deep Packet Inspection) while stumbling upon on this promising achievement. It goes like this:

In order to create a rock-solid IPS (Intrusion Prevention System), capable of handling network speeds of up to 1 gigabit with standard Intel hardware, we had to devise a technology breakthrough in Layer 7 processing. Existing technologies were just too slow to keep up with network speed expectations.


C debugging code ‘peak’ released

Hey folks, as promised earlier, I released a bunch of code dubbed ‘peak’, which mainly features nuts and bolts for C projects. What’s so special? There are memory allocation wrappers checking consistency in your C code so you’ll always get a sensitive error message with file and line attached. This helps you to better trace buffer overflow/underflow issues. It also features a preallocated memory pool, print wrappers and byte access macros for little and big endian architectures alike. Mind you, this is still work in progress. Comments and contributions welcome.