Date: Thu, 20 Mar 2008 10:47:09 +0000 (UTC) From: Vadim Goncharov <vadim_nuclight@mail.ru> To: freebsd-net@freebsd.org Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... Message-ID: <slrnfu4g5d.1b5e.vadim_nuclight@hostel.avtf.net> References: <cffd8c580803192006g4045258bxcf8fa10b322a640@mail.gmail.com> <cffd8c580803200243u4465889m197d2a7ca6d0fff7@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Alireza Torabi! On Thu, 20 Mar 2008 09:43:52 +0000; Alireza Torabi wrote about 'bpf packet capture and SOCK_STREAM socket redirects...': > Is it possible to redirect/send/divert a bpf packet capture of one > interface to a listening tcp socket on another interface of the same > machine? > Here is my problem: > I'm capturing packets on one interface but for some specific tcp > packets let's say from host A to host B on port P, I want to hijack > the packet and send it to a listening tcp socket on the other > interface and reply an "Access Denied" message. > I'd like to use the tcp socket on the other interface as it's not > possible to communicate over the interface that's doing the packet > capture and I don't want to invent the wheel by doing all the tcp/tcb > states hence using a tcp socket. But if that's a middle of connection, how would you do? Kernel sockets assume they've acted in a conversation from the very beginning SYN's, so if you redirect such packet, socket will not understand it. If you yopu want to simply close/reset connection, however, this can be done somehow. -- WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?slrnfu4g5d.1b5e.vadim_nuclight>