Netgraph ng_patch and ng_input: where to find packets?

Mon Dec 9 09:31:04 UTC 2013

On 09Dec, 2013, at 11:36, Sami Halabi wrote:

> Hi,

Hi Sami

> Actually following the ng_patch the following worked for me (using 9.2-R -amd64):

Yes, ng_patch works fine for me too.  Then ng_input works too because I see patched packets at ipfw.  But this packets does not appears on outgoing interface.

Now I haven't machine for future testing, but I'll do more tests on upcoming 10.0-R because I want to use 10.0 for my project.

> kldload ng_patch
> kldload ng_ipfw
> /usr/sbin/ngctl -f- << SEQ
>                  mkpeer ipfw: patch 300 in
>                  name ipfw:300 src_dst_chg
>                  msg src_dst_chg: setconfig { count=2 csum_flags=1 ops=[         \
>                          { mode=1 value=0xc0a8e609 length=4 offset=12 }  \
>                          { mode=1 value=0xc0a8e680 length=4 offset=16 } ] }
>          SEQ
> /sbin/ipfw add 600 netgraph 300 log ip from any to 239.0.0.19 dst-port 1234 in via vlan999
> 
> Sami
> 
> 
> On Sun, Dec 8, 2013 at 5:44 PM, Julian Elischer <julian at freebsd.org> wrote:
> On 12/8/13, 6:43 PM, Sami Halabi wrote:
> Hi Gamov,
> Have got this to work?
> If so would share configurations?
> 
> Thanks in advance,
> Sami
> בתאריך 29 בנוב 2013 19:28, "Victor Gamov" <vit at euro-comm.net> כתב:
> 
> 
> 
> if not then the way to track it it to put a breakpoint on the netgraph node that handles the packet and just single step through until you see where the packet goes..
> kdb would give you a decent idea but a second machine (or a virtual machine) with kgdb would really show you what's going on.

--
С уважением,
Гамов Виктор