Netmap/divert socket capture: getting ipfw state? [porting from Linux, need NFLOG/NFQUEUE/ct functionality]
Igor 'Lo' (И.L.)
bombsiteunrested at gmail.com
Wed Mar 11 15:27:57 UTC 2015
Hello,
I currently plan to port one of my projects to FreeBSD from Linux,
now it requires an intrusive way of packet capture (to avoid drops)
and relies on a connection state tracking information from outside
(e.g. Linux's conntrack)).
So I need a way to capture some traffic based on predetermined ipfw(?)
rules, then get the packets to userspace together with connection
tracking state data from firewall.
What are my options on FreeBSD?
(Also, I'm fine with going down to kernel and communicating with my
own userspace app with other means, as long as I don't have to add own
connection tracker, but I'll prefer a pure userspace solution if
possible).
--
cheers,
Igor
More information about the freebsd-net
mailing list