Re: Packet interception / Mangling

• Previous message: Dario Freni: "Re: How to disable at-boot configuration of a network interface but permit manual use of rc.d?"
• In reply to: cole_at_opteqint.net: "Packet interception / Mangling"
• Next in thread: Cole: "Re: Packet interception / Mangling"
• Reply: Cole: "Re: Packet interception / Mangling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Mon, 27 Jun 2005 17:39:15 -0700
To: cole@opteqint.net

cole@opteqint.net wrote:

>Hi
>
>I wanted to know if there are any libraries similar to pcap to intercept
>packets/mangle packets.
>
>

how about pcap? :-)

There are also two other mechinisms..
"divert sockets" (man divert) which is used in conjuction with teh ipfw
packet fileter
and netgraph (man 4 netgraph, man ngctl, man ng_socket, man ng_ether)
which can do a lot of interesting thins.

>What im trying to do specifically is like link compression, and I would then
>need to check if the packet is then compressed and decompress, and so forth and
>so on.
>
>I would like to avoid having to use a ipfw divert to a port, and specifically
>check all traffic to the box using a library function or some kind of hook into
>the kernel.
>
>The FreeBSD version I will be using is 4.9 or 4.11, and would like to know if
>there are any such routines available, and whether it could be a userland
>daemon, or if i am going to need to write a kernel loadable module?
>
>If anyone has any ideas or suggestions, or knows anything about this, it would
>be a great help.
>
>Regards
>/Cole
>
>
>_______________________________________________
>freebsd-hackers@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
>
>
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"

• Previous message: Dario Freni: "Re: How to disable at-boot configuration of a network interface but permit manual use of rc.d?"
• In reply to: cole_at_opteqint.net: "Packet interception / Mangling"
• Next in thread: Cole: "Re: Packet interception / Mangling"
• Reply: Cole: "Re: Packet interception / Mangling"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: SFTP packet size limited to 16k ... It had nothing to do with the packet size. ... JM> The libssh2 library is an API and thus must be synchronous whereas ... providing asynchronous services. ... function calls to 3rd party libraries do not block. ... (comp.security.ssh) Re: Application layer classifier for ipfw ... packet back at the specified rule number. ... configuration file and firewall script to get you started. ... when any number after the divert rule/s would do. ... As long as you don't subtract one for the non-match packets reinjected ... (freebsd-net) Re: Application layer classifier for ipfw ... The tarball has a sample>>> configuration file and firewall script to get you started. ... I had the configuration file specify the rule number that passes the diverted packets to dummynet. ... The code would subtract 1 from the number when it wrote the packet back, but I wasn't sure how ipfwwould react to a possibly non-existant rule so changed it to its current form. ... when any number after the divert rule/s would do. ... (freebsd-net) Re: Telling BSD to stop resetting the connection! ... Any ideas on how to stop the net stack from resetting my connections, ... The following rules are added dynamically when my client sends a packet to a server so we can get it back on the divert socket. ... (freebsd-hackers) divert(4) socket isnt connection oriented ... I've spent several days digging in interaction between divert ... it tells incoming packet from outgoing ... It is important that ng_ksocket does not save sockaddr if socket is ... connection destination. ... (freebsd-net)