Because of the complicated packet matching (and manipulation) required by my proposal, I looked into netfilter/iptables available for the 2.4 and later kernels.
The good news is that it can be done in user-space with the newer kernel; the bad news is that 68k (or even 200k) is not enough extra space on the floppy. That ignores the fact that all the old firewall rules would have to be re-written because the emulation can only be used if you are not using the new style as well.
Essentially, you would watch for interesting packets on various interfaces. You can put matching packets in a queue that is handled by a user-space program. When the user-space program is finished with the packet, it is put back in the chain just after where it was sent to the queue (if I read that right). The packet is then dropped if a certain flag is set, or proceeds through the rest of the filters.
It seems obvious that this user-space program should be able to call the "wakelan" program when appropriate. Holding the packets in a queue may be tedious, but doable.
Another reason for looking into the newer kernel is better hardware support (like full-duplex support for my one 3c509 card). As you know, every feature has a certain space penalty attached to it.
I tried test-compiling the 2.4.37.1 kernel with options similar to, but slightly more functional than, the Freesco kernel. Even with Bzip compression, my first attempt weighed in at over 800k. I haven't been able to get it under 600k. It is around 2MB before compression. Does including hundreds of modules significantly affect the size of the kernel?
I was using the 4.1.2 gcc compiler, which is *NOT* supported (too new), but it only generated warnings, not errors. (I figure close enough for seeing how big the kernel image is.)
I was going to attach the .config file I was working with, but that may be disabled in this sub-forum.
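
Added example, not part of the original post and not Freesco or netfilter code: a sketch in C of the decision step such a user-space queue handler would run on each queued packet, with the kernel queue interface left out. All names (`decide`, `struct host`, `V_HOLD`, `MAX_HELD`) and the sample packet are hypothetical or constructed; dropping malformed packets and capping the number of held packets are assumptions of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* V_HOLD = give no verdict yet; the packet stays queued until the host is up */
enum verdict { V_ACCEPT, V_DROP, V_HOLD };
#define MAX_HELD 32                    /* assumed cap on packets parked per host */

struct host { uint32_t ip; int awake; unsigned held; };

/* Constructed sample: bare 20-byte IPv4 header, 192.168.0.10 -> 192.168.1.20 */
static const uint8_t SAMPLE_PKT[20] = {
    0x45, 0x00, 0x00, 0x14, 0, 0, 0, 0, 0x40, 0x06, 0, 0,
    192, 168, 0, 10,  192, 168, 1, 20 };

/* Decide on one queued packet. The bytes come off the wire and are untrusted,
   so every length is checked before it is used as an offset. *wake is set
   when the caller should run the "wakelan" program for this host. */
enum verdict decide(const uint8_t *pkt, size_t len, struct host *h, int *wake)
{
    *wake = 0;
    if (len < 20 || (pkt[0] >> 4) != 4) return V_DROP;     /* truncated or not IPv4 */
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;              /* header length field */
    size_t tot = (size_t)pkt[2] << 8 | pkt[3];             /* total length field */
    if (ihl < 20 || ihl > tot || tot > len) return V_DROP; /* inconsistent lengths */
    uint32_t dst = (uint32_t)pkt[16] << 24 | (uint32_t)pkt[17] << 16
                 | (uint32_t)pkt[18] << 8 | pkt[19];
    if (dst != h->ip || h->awake) return V_ACCEPT;         /* nothing to delay */
    if (h->held >= MAX_HELD) return V_DROP;                /* bound memory while it boots */
    if (h->held++ == 0) *wake = 1;                         /* wake once, on first packet */
    return V_HOLD;
}

int main(void)
{
    struct host sleeper = { 0xC0A80114u, 0, 0 };           /* 192.168.1.20, asleep */
    int wake;
    enum verdict v = decide(SAMPLE_PKT, sizeof SAMPLE_PKT, &sleeper, &wake);
    printf("verdict=%d wake=%d held=%u\n", v, wake, sleeper.held);
    return 0;
}
```

Once the host answers, the handler would set `awake`, reset `held`, and release the parked packets with an accept verdict so they continue through the rest of the chain.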