bpf packet capture and SOCK_STREAM socket redirects...
Alireza Torabi
alireza.torabi at gmail.com
Fri Mar 21 04:02:06 PDT 2008
On Fri, Mar 21, 2008 at 6:35 AM, Peter Jeremy
<peterjeremy at optushome.com.au> wrote:
> On Thu, Mar 20, 2008 at 11:27:53AM +0000, Alireza Torabi wrote:
> >Imagine this:
> >
> > | (1)
> > packets
> > | | (4)
> > [nic1] [nic2]
> > bpf SOCK_STREAM
> > | (2) |
> > [FreeBSD] (3)
> >
> >1) all user traffic are being monitored
> >2) bpf on [nic] is capturing these packets
> >3) after processing we know a connection is about to be established from A to B
> >
> >NOW:
> >4) I want to deliver this packet to the socket on [nic2]
> >and as this is a tcp socket it'll take care of it from there
> >(my code here for this sockets sends and arbitary data to A making it
> >think it came from B)
>
> Have a look at divert(4). I suspect it comes closest to what you want.
>
> --
> Peter Jeremy
> Please excuse any delays as the result of my ISP's inability to implement
> an MTA that is either RFC2821-compliant or matches their claimed behaviour.
>
Yes. It sounds promising. I was reading natd and planning to read ipfw
source interestingly!
Thanks
Alireza
More information about the freebsd-net
mailing list