divert rewrite
Sergey Matveychuk
sem at FreeBSD.org
Tue Feb 8 16:53:31 UTC 2011
08.02.2011 19:08, rozhuk.im at gmail.com wrote:
> Did you try ng_ether + ng_ksocket?
> It can translate Ethernet frames incapsulated to udp to user space receiver.
The idea is catch packets from firewall (ng_ipfw, ng_nat was mentioned
by mistake) and pass them to user space module that do some processing
and puts back the packets into firewall (for rules with `diverted' keyword).
It works now for IPv4 with `divert' and doesn't with IPv6.
More information about the freebsd-net
mailing list