Date: Wed, 9 Jul 2003 12:33:53 -0700 From: Brooks Davis <brooks@one-eyed-alien.net> To: kw3wong@engmail.uwaterloo.ca Cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code Message-ID: <20030709193353.GA17128@Odin.AC.HMC.Edu> In-Reply-To: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> References: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
--SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 09, 2003 at 03:23:52PM -0400, kw3wong@engmail.uwaterloo.ca wrot= e: > Hi guys, >=20 > My first attempts at hacking FreeBSD kernel code has not been very fruitf= ul, so=20 > I'm hoping someone with more experience and knowhow might be able to poin= t out=20 > the mistakes that I'm making. >=20 > Firstly, let me explain what I'm trying to do. I'm currently working on a= =20 > University project that performs some type of transformation (compression= ,=20 > security, string replacement, etc) on packets as they pass through the sy= stem.=20 > The current setup has the FreeBSD machine configured as a router, and the= =20 > transformation is performed on packets that are routed. This is done via = divert=20 > sockets and everything is fine and dandy, we're getting great results fro= m this=20 > setup. >=20 > However, what we want to do next is to have the machine setup as a ethern= et=20 > bridge instead, and the transformation is to be performed on the bridged= =20 > packets. Unfortunately, as most of you probably know, divert sockets do n= ot=20 > work with bridges as of yet. Since you are paying the price of pulling all packets into userland anyway, I'd suggest you just do the bridging in userland. You can use bpf to send and recieve packets on each interface and then bridge and process them in your application. I did this a while back and the whole thing took about 1400 lines of code. Unfortunalty, I can't release the code, but it only took a few hours to write and debug the bridging part. -- Brooks --SLDf9lqlvOQaIe6s Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/DG4fXY6L6fI4GtQRAu1gAKC4ofX2YjVr8IyAPGYPNFebb6AixwCg1THE 8oWpb8TvldsJKFehgYV9qJs= =B5HP -----END PGP SIGNATURE----- --SLDf9lqlvOQaIe6s--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030709193353.GA17128>