Re: bpf packet capture and SOCK_STREAM socket redirects...

Alireza Torabi wrote:
On Fri, Mar 21, 2008 at 6:35 AM, Peter Jeremy
<peterjeremy@xxxxxxxxxxxxxxxx> wrote:
On Thu, Mar 20, 2008 at 11:27:53AM +0000, Alireza Torabi wrote:
>Imagine this:
>
> | (1)
> packets
> | | (4)
> [nic1] [nic2]
> bpf SOCK_STREAM
> | (2) |
>> > ---------------------------------------
> [FreeBSD] (3)
>
>1) all user traffic are being monitored
>2) bpf on [nic] is capturing these packets
>3) after processing we know a connection is about to be established from A to B
>
>NOW:
>4) I want to deliver this packet to the socket on [nic2]
>and as this is a tcp socket it'll take care of it from there
>(my code here for this sockets sends and arbitary data to A making it
>think it came from B)

Have a look at divert(4). I suspect it comes closest to what you want.

--
Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement
an MTA that is either RFC2821-compliant or matches their claimed behaviour.


Yes. It sounds promising. I was reading natd and planning to read ipfw
source interestingly!

also I think you may want the 'fwd' call in ipfw...

I don't quite understand your question..
(despite the picture)
where ia A and where is B?

and why 2 nics?

User traffic where?
on a switch?
coming in and out of this machine?

you need to define a little more of the picture..

Julian



Thanks

Alireza
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"

_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • IPv6, sending packets through a specific NIC
    ... I am new to linux and socket programming, ... the packets are only sent *some* of the time... ... the packets appear to be sent from linbox1 (by the return val ... The code above works because the NICs can rationalise which ...
    (comp.os.linux.development.apps)
  • Re: Problem with writing fast UDP server
    ... UDP packets per second. ... socket and threads. ... I wrote a simple case test: client and server. ... The maximum theoretical limit is 14,880 frames per ...
    (comp.lang.python)
  • Re: Ethernet card receiving influenced by CPU speed?
    ... it usually shows up in nics and video cards. ... Frames are the "packets" used to send ethernet signals/data on the ...
    (comp.os.linux.networking)
  • RE: *warning* student question
    ... What option is this supposed CRC or hash supposed to be? ... >their shell session you're taking over their network socket. ... Systems will also drop TCP packets with bad checksums. ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
    (Security-Basics)
  • Re: [patch 4/10] s390: network driver.
    ... but it seems someone is complaining about some behavior changing? ... network driver discard packets on link-down. ... However this approach doesnt play well if the socket can ... be blocked completely because of /one/ interface having its link ...
    (Linux-Kernel)