Date: Mon, 14 Jun 2004 10:38:27 -0700 (PDT)
From: Julian Elischer
To: James Housley
Cc: freebsd-net@FreeBSD.org
In-Reply-To: <40CDE026.3040502@Thehousleys.net>
Subject: Re: Using netgraph for filtering/modifing packets.

On Mon, 14 Jun 2004, James Housley wrote:

> I have a product that is connected to a PC via ethernet. The product
> runs FBSD, but I would likely put another FBSD box in the middle. I want
> to be able to modify packets for good and evil based on the data portion of
> the packet.
>
> For example, to occasionally drop a packet that is acking some command. Or
> send an ack for a command that was never sent. Or just change data to be
> invalid.
>
> Then, after messing with the data portion, put it back in the queue to be
> sent, if it wasn't just dropped.
>
> Jim
>

Is this product running over..

1/ your own low-level protocol?
   Use the netgraph etf node to divert packets to userland for processing
   by a program (using the 'socket' node).
   Example: nghook

or

2/ IP?
   2a/ UDP? or
   2b/ some proprietary IP protocol?
   Use ipfw and 'divert' to divert to a userland program for manipulation.
   Example: natd or tcpmssd (in ports/net)
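Added example, not code from this thread or from natd/tcpmssd: a skeleton of the option-2 approach (ipfw divert to a userland daemon) that does what Jim describes, drop some acks and corrupt some data, for a product that speaks UDP. Everything protocol-specific is invented for illustration: the message-type bytes MSG_ACK and MSG_DATA, the divert port 8668, the 10.0.0.x test packet, and the rule assumed on the box in the middle, something like `ipfw add 100 divert 8668 udp from any to any via em0` (em0 is a placeholder). The part a practitioner most often gets wrong is shown explicitly: a divert socket hands you the whole IP packet, so after touching the payload you must recompute the UDP (or TCP) checksum and, if the header changed, the IP header checksum, or the receiver silently discards the packet and the "evil" never reaches it. Only the divert(4) loop at the bottom is FreeBSD-specific; the checksum and policy code is portable C.

```c
/* Added example (not from the thread): skeleton of an ipfw divert daemon in the
 * style of natd/tcpmssd.  Mangling and checksum code is portable C; only the
 * divert(4) loop at the bottom is FreeBSD-specific.  MSG_ACK, MSG_DATA, divert
 * port 8668 and the test packet below are invented for illustration. */
#include <stdint.h>
#include <string.h>

#define IPV4_HLEN 20
#define UDP_HLEN   8
#define MSG_ACK  0x06            /* hypothetical product protocol: acknowledgement */
#define MSG_DATA 0x01            /* hypothetical product protocol: data message */
enum verdict { PASS, DROP, MODIFIED };

/* RFC 1071 ones-complement sum of n bytes folded to 16 bits; 'seed' chains calls. */
static uint32_t ones_sum(const uint8_t *p, size_t n, uint32_t seed)
{
    uint32_t s = seed;
    for (; n > 1; p += 2, n -= 2) s += (uint32_t)p[0] << 8 | p[1];
    if (n) s += (uint32_t)p[0] << 8;                   /* odd trailing byte */
    while (s >> 16) s = (s & 0xffff) + (s >> 16);
    return s;
}

/* Sum of the UDP pseudo-header: src, dst, zero, protocol 17, UDP length. */
static uint32_t pseudo_sum(const uint8_t *ip, size_t ulen)
{
    uint8_t ph[12] = { 0 };
    memcpy(ph, ip + 12, 8);
    ph[9] = 17; ph[10] = (uint8_t)(ulen >> 8); ph[11] = (uint8_t)ulen;
    return ones_sum(ph, sizeof ph, 0);
}

/* Recompute the IP header and UDP checksums in place (IHL == 5 assumed). */
static void fix_checksums(uint8_t *ip, size_t len)
{
    uint8_t *udp = ip + IPV4_HLEN;
    size_t ulen = len - IPV4_HLEN;
    ip[10] = ip[11] = 0;                               /* field is zero while summing */
    uint16_t c = (uint16_t)~ones_sum(ip, IPV4_HLEN, 0);
    ip[10] = (uint8_t)(c >> 8); ip[11] = (uint8_t)c;
    uint32_t s = ones_sum(udp, 6, pseudo_sum(ip, ulen)); /* ports + length */
    s = ones_sum(udp + 8, ulen - 8, s);                /* payload; checksum field skipped */
    c = (uint16_t)~s;
    if (c == 0) c = 0xffff;                            /* UDP transmits 0 as all ones */
    udp[6] = (uint8_t)(c >> 8); udp[7] = (uint8_t)c;
}

/* 1 if both checksums verify (sum over the whole header/segment is all ones). */
static int packet_checksums_ok(const uint8_t *ip, size_t len)
{
    size_t ulen = len - IPV4_HLEN;
    return ones_sum(ip, IPV4_HLEN, 0) == 0xffff &&
           ones_sum(ip + IPV4_HLEN, ulen, pseudo_sum(ip, ulen)) == 0xffff;
}

/* Jim's policy: drop every 4th ack; make the data byte of every data message invalid. */
static enum verdict policy(uint8_t *pkt, size_t len, unsigned *acks_seen)
{
    if (len < IPV4_HLEN + UDP_HLEN + 2 || pkt[0] != 0x45 || pkt[9] != 17)
        return PASS;                                   /* only plain IPv4/UDP is touched */
    uint8_t *payload = pkt + IPV4_HLEN + UDP_HLEN;
    if (payload[0] == MSG_ACK) return (++*acks_seen % 4 == 0) ? DROP : PASS;
    if (payload[0] != MSG_DATA) return PASS;
    payload[1] ^= 0xff;
    fix_checksums(pkt, len);                           /* or the peer silently discards it */
    return MODIFIED;
}

/* Constructed 32-byte test packet: 10.0.0.1:5000 -> 10.0.0.2:6000, UDP length 12,
 * 4-byte payload; both checksum fields are zero and get filled by fix_checksums(). */
static const uint8_t test_packet[32] = {
    0x45, 0, 0, 32,  0, 0, 0, 0,  64, 17, 0, 0,  10, 0, 0, 1,  10, 0, 0, 2,
    0x13, 0x88,  0x17, 0x70,  0, 12,  0, 0,  0, 0, 0, 0 };

/* Runs the policy over the test packet; returns the number of checks passed (5). */
static int selftest(void)
{
    uint8_t pkt[32]; unsigned acks = 0, before; int ok = 0, drops = 0;
    memcpy(pkt, test_packet, 32); pkt[28] = MSG_ACK; fix_checksums(pkt, 32);
    ok += packet_checksums_ok(pkt, 32);
    for (int i = 0; i < 8; i++) drops += policy(pkt, 32, &acks) == DROP;
    ok += drops == 2;
    memcpy(pkt, test_packet, 32); pkt[28] = MSG_DATA; pkt[29] = 0x42; fix_checksums(pkt, 32);
    before = (unsigned)pkt[26] << 8 | pkt[27];         /* UDP checksum before mangling */
    ok += policy(pkt, 32, &acks) == MODIFIED;
    ok += pkt[29] == 0xbd && packet_checksums_ok(pkt, 32);
    ok += before != ((unsigned)pkt[26] << 8 | pkt[27]);
    return ok;
}

#ifdef __FreeBSD__
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdio.h>
/* divert(4) loop: read what the rule diverted, apply the policy, reinject with the
 * sockaddr recvfrom() returned so the packet resumes at the next ipfw rule. */
int main(void)
{
    unsigned acks = 0; uint8_t buf[65535];
    struct sockaddr_in sin = { .sin_len = sizeof sin, .sin_family = AF_INET, .sin_port = htons(8668) };
    int fd = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    if (fd < 0 || bind(fd, (struct sockaddr *)&sin, sizeof sin) < 0) { perror("divert"); return 1; }
    for (;;) {
        struct sockaddr_in from; socklen_t fl = sizeof from;
        ssize_t n = recvfrom(fd, buf, sizeof buf, 0, (struct sockaddr *)&from, &fl);
        if (n < 0) { perror("recvfrom"); return 1; }
        if (policy(buf, (size_t)n, &acks) == DROP) continue;  /* dropped: never reinjected */
        sendto(fd, buf, (size_t)n, 0, (struct sockaddr *)&from, fl);
    }
}
#endif
```

Two design points worth noting. First, a DROP verdict is implemented simply by not calling sendto(): a packet read from a divert socket is gone from the stack until it is reinjected. Second, the example only ever changes bytes in place, so the IP total length and UDP length stay valid; Jim's third wish, injecting an ack for a command that was never sent, means building a fresh packet with correct lengths and checksums and writing it to the same socket, which the checksum helpers above cover but the loop does not. If the product's link-layer protocol is not IP at all, none of this applies and option 1 (netgraph etf plus a socket node) is the route.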