From: Hooman Fazaeli
Date: Fri, 31 Oct 2014 13:20:58 +0330
To: "freebsd-net@freebsd.org"
Subject: transparent udp proxy
Message-ID: <54535B82.405@gmail.com>

Hi,

In my setup, I use a fwd rule to forward all udp traffic to my local proxy:

    ipfw add 10 fwd localhost,7000 udp from any to any recv em1

The proxy needs to know the original destination address of forwarded
datagrams, but there seems to be no way to obtain that address. Using
recvmsg with IP_RECVDSTADDR does not help because it returns the next-hop
address instead of the original destination. This is because udp_input()
overwrites the packet's destination with the next-hop address before doing
ip_savecontrol.

It seems easy to change udp_input to pass the original dest. address to
ip_savecontrol. Another solution would be to implement an IP_RECVDSTSOCKADDR
option, which records the original destination address:port as a
'struct sockaddr_in[6]' in the packet's control data.

Comments/suggestions are welcome.

-- 
Best regards.
Hooman Fazaeli
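The recvmsg/IP_RECVDSTADDR read that the message refers to, as an added example that is not part of the original post or of FreeBSD's code: it enables the option on a UDP socket and pulls the destination address out of the control data. No fwd rule is involved in this loopback run, so the value read is the real destination; the post reports that behind `ipfw fwd` the same read yields the next-hop address. The names `recv_with_dst`, `demo_dstaddr`, `DST_OPT`, `DST_OFF` and the Linux fallback branch are assumptions made for the example.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
/* IP_RECVDSTADDR (FreeBSD) delivers a struct in_addr. The #else branch is an
 * assumption so this also builds on Linux, which delivers a struct sockaddr_in. */
#ifdef IP_RECVDSTADDR
#define DST_OPT IP_RECVDSTADDR
#define DST_OFF 0
#else
#define DST_OPT IP_RECVORIGDSTADDR
#define DST_OFF offsetof(struct sockaddr_in, sin_addr)
#endif

/* Returns the payload length and fills *dst from the control data; -1 on failure. */
ssize_t recv_with_dst(int fd, void *buf, size_t len, struct in_addr *dst)
{
    union { struct cmsghdr hdr; char space[CMSG_SPACE(sizeof(struct sockaddr_in))]; } ctl;
    struct iovec iov = { .iov_base = buf, .iov_len = len };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.space, .msg_controllen = sizeof(ctl.space) };
    ssize_t n = recvmsg(fd, &msg, 0);
    if (n < 0)
        return -1;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c; c = CMSG_NXTHDR(&msg, c))
        if (c->cmsg_level == IPPROTO_IP && c->cmsg_type == DST_OPT) {
            memcpy(dst, CMSG_DATA(c) + DST_OFF, sizeof(*dst));
            return n;
        }
    return -1; /* datagram arrived without a destination-address record */
}

/* Constructed loopback demo: report the destination of a datagram sent to ourselves. */
int demo_dstaddr(struct in_addr *dst)
{
    struct sockaddr_in sa = { .sin_family = AF_INET, .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    struct sockaddr *sap = (struct sockaddr *)&sa;
    socklen_t slen = sizeof(sa); /* port 0 in sa: the kernel picks one at bind() */
    char buf[16];
    int on = 1, fd = socket(AF_INET, SOCK_DGRAM, 0);
    int ok = fd >= 0 && setsockopt(fd, IPPROTO_IP, DST_OPT, &on, sizeof(on)) == 0 &&
             bind(fd, sap, slen) == 0 && getsockname(fd, sap, &slen) == 0 &&
             sendto(fd, "ping", 4, 0, sap, slen) == 4 &&
             recv_with_dst(fd, buf, sizeof(buf), dst) == 4;
    if (fd >= 0)
        close(fd);
    return ok ? 0 : -1;
}
```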