From owner-freebsd-net@FreeBSD.ORG  Sun Aug 26 14:05:16 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 929C016A420
	for <freebsd-net@freebsd.org>; Sun, 26 Aug 2007 14:05:16 +0000 (UTC)
	(envelope-from mav@FreeBSD.org)
Received: from cmail.optima.ua (cmail.optima.ua [195.248.191.121])
	by mx1.freebsd.org (Postfix) with ESMTP id 1643113C457
	for <freebsd-net@freebsd.org>; Sun, 26 Aug 2007 14:05:15 +0000 (UTC)
	(envelope-from mav@FreeBSD.org)
X-Spam-Flag: SKIP
X-Spam-Yversion: Spamooborona 1.7.0
Received: from [212.86.226.226] (account mav@alkar.net HELO [192.168.3.2])
	by cmail.optima.ua (CommuniGate Pro SMTP 5.1.10)
	with ESMTPA id 28821471; Sun, 26 Aug 2007 15:55:14 +0300
Message-ID: <46D17813.8090205@FreeBSD.org>
Date: Sun, 26 Aug 2007 15:54:43 +0300
From: Alexander Motin <mav@FreeBSD.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7.13) Gecko/20060414
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Norberto Meijome <freebsd@meijome.net>
References: <1188123847.00792375.1188111626@10.7.7.3>
In-Reply-To: <1188123847.00792375.1188111626@10.7.7.3>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: FreeBSD Net ML <freebsd-net@freebsd.org>
Subject: Re: Netgraph node to replace packet contents?
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Aug 2007 14:05:16 -0000

Hi.

Norberto Meijome wrote:
> is there any already existing  Netgraph node that would allow me to replace bytes in the data part of a packet?  I'm talking about generic "foo" for "BAR" replacement, though different lengths  would be good too.

There is no such node.

This is not an easy task to alter some abstract packet. Even in 
simpliest case you should take into account TCP/UDP checksumms. There 
could be problems with fragmented packets. In more complicated cases may 
be required other modifications.

To replace string with different length one you should also correct 
packet length. It is possible for UDP (except for the not first packet 
fragments), but for TCP it is probably completely impossible without 
doing complete TCP proxying to modify sequence numbers.

-- 
Alexander Motin