ASIC/FPGA Design and Verification Out Source Services

IP TTL filter
where to use and why is it required.

IP TTL spoofed packet block implemented, design and verification, using vhdl

I read recently, that some linux kernels have the ability to block spoofed packets. Some hackers attack servers by sending many packets. They also put some fake data in the offending packets. The arrival of multiple packets, with a well known source IP, in the spoofed packet, causes many interrupts in the server. This, in the best case, results with a degraded performance. Some kernels try to counter attack with an IP TTL block spoofed filter. I have decided to build such a filter in hardware. I would like to do the job in hardware, therefor offloading the kernel from this job. The idea is to have two main states in hardware machine, per each incoming IP namely: learning and check. In the former the hardware machine will build a table, per each incoming source IP, where it will average the TTL values of the packet. Once a programmable number of TTL values, for a given packet, have been studied, the hardware machine switches to check mode. During check mode, if a packet arrives and its TTL is outside an allowable range, a block packet indication is set. Such an implementation requires memory. With the way the design is implemented any memory smaller than 32 bits addressable, for IPV4, can be used.
For more details please send an e-mail and put in the subject: IP TTL filter. Also please a description of the hardware machine.