From: Brooks Davis
To: Fabrício Barros Cabral
Cc: freebsd-net@freebsd.org
Date: Fri, 22 Dec 2006 10:05:50 -0600
Subject: Re: Intercepting a packet, changing it and re-injecting into the network

On Fri, Dec 22, 2006 at 12:43:29PM -0300, Fabrício Barros Cabral wrote:
> Hello everybody!
>
> I'm developing a network application which needs *to intercept* a packet
> (not just *copy* a packet, like libpcap does), move this packet into my
> application (userland), do some checking in the packet and according
> to some heuristics, the application may change the payload and
> re-inject the modified packet into the network. Note that sometimes,
> I'll change the payload, drop the packet or just let it go.
>
> So, how can I do that in FreeBSD? I can use 6.1, 7.1, any version.

The feature you're looking for is divert(4) sockets. You use IPFW to
decide which packets to divert to userland and can reinject them as
needed.

-- Brooks
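A minimal divert(4) loop covering the three outcomes asked about in the thread (let go, drop, change the payload), as an added example that is not part of the original message or of FreeBSD's own code. Assumptions: divert port 8668, ipfw rule number 100, the hypothetical `inspect()` policy, and UDP port 9999 as the traffic whose payload is redacted.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

#define DIVERT_PORT 8668 /* assumption: port named in the ipfw divert rule */
#define DEMO_PORT   9999 /* assumption: UDP port whose payload is rewritten */
enum verdict { PASS, DROP, MODIFIED };
/* Decide the fate of one raw IPv4 packet; may rewrite it in place. */
enum verdict inspect(unsigned char *p, size_t len)
{
    if (len < 20 || (p[0] >> 4) != 4) return DROP;       /* not IPv4 */
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > len) return DROP;              /* bad header length */
    if (p[9] != 17) return PASS;                         /* not UDP */
    if ((((p[6] & 0x1f) << 8) | p[7]) != 0) return PASS; /* later fragment */
    if (len < ihl + 8) return DROP;                      /* truncated UDP header */
    if (((p[ihl + 2] << 8) | p[ihl + 3]) != DEMO_PORT) return PASS;
    memset(p + ihl + 8, 'X', len - ihl - 8);             /* redact the payload */
    p[ihl + 6] = p[ihl + 7] = 0; /* UDP checksum 0 means "none" over IPv4 */
    return MODIFIED;             /* IP header untouched, its checksum still holds */
}

int main(void)
{
#ifdef IPPROTO_DIVERT /* FreeBSD */
    /* Run as root after e.g.: ipfw add 100 divert 8668 udp from any to any */
    unsigned char buf[65535];
    struct sockaddr_in from, sin = { .sin_family = AF_INET };
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    sin.sin_port = htons(DIVERT_PORT);
    if (s < 0 || bind(s, (struct sockaddr *)&sin, sizeof sin) < 0) {
        perror("divert socket");
        return 1;
    }
    for (;;) {
        socklen_t flen = sizeof from;
        ssize_t n = recvfrom(s, buf, sizeof buf, 0, (struct sockaddr *)&from, &flen);
        if (n < 0) break;
        if (inspect(buf, (size_t)n) == DROP) continue; /* never reinjected */
        /* Same sockaddr back: ipfw resumes after the diverting rule. */
        sendto(s, buf, (size_t)n, 0, (struct sockaddr *)&from, flen);
    }
#else
    fputs("divert(4) sockets need FreeBSD\n", stderr);
#endif
    return 1;
}
```

While the program is not running, packets matching the divert rule have no listener on the port and are dropped, so add the rule only once the program is bound.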