Date:      Sun, 30 Jun 2002 17:40:51 -0300 (ART)
From:      Fernando Gleiser <fgleiser@cactus.fi.uba.ar>
To:        Rafter Man <rafter@linuxmail.org>
Cc:        <FreeBSD-questions@FreeBSD.ORG>
Subject:   Re: Network programming.
Message-ID:  <20020630172928.Q37725-100000@localhost>
In-Reply-To: <20020630173945.4463.qmail@linuxmail.org>

On Mon, 1 Jul 2002, Rafter Man wrote:

> Hi FreeBSD'ers
>
> I have some questions about network programming.
> I have "just" started on socket programming and want to write some programs like:
> A firewall, but how do I make the program receive ALL packets and then pass
> some of them on to inetd or the daemon listening on that port? (with
> libpcap?).
>

In general, firewall code belongs in the kernel. Take a look at ip_input.c
and ip_output.c and you'll see how this is done by ipfilter and ipfw.

> I have read some books/texts about FreeBSD security and network programming,
> but if I run ftp (standalone), a firewall and tcpdump, which program gets
> the packets first? and can you guide me to some texts about the
> network-packet-handling?

The absolute reference of the TCP/IP stack is Wright and Stevens "TCP/IP
Illustrated, Vol 2." The 15000 lines of code of the 4.4BSD stack in a very
annotated way. A must for kernel network programmers. For everything else,
Stevens "Unix Network Programming, Vol 1" is the bible.

>
> How do I take over ICMP? I mean that I only want to see ICMP packets and
> send some ICMP's back. Do I have to use RAW_SOCK or libnet to make
> ICMP's?
>

To see ICMP packets: bpf and/or libpcap. To write ICMP: raw sockets and/or
libnet. libpcap is built on top of bpf (in BSD systems) to write packet
capture code in a portable way. libnet is the same for writing packets.

Raw sockets are a portability nightmare. Use libnet if you can.

> And last but not least, with "sockstat" you can get info about
> which user, pid, command, etc is using a port/connection, how do I do that?

If you want to use sockstat to find out: man sockstat.
If you want to write a program which does the same as sockstat, take a
look at the source of netstat and fstat. sockstat is a perl script which
reads the output of both netstat and fstat and merges them.


Hope this helps.


			Fer

>
> Best regards
> Rafter
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
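
An added example, not part of the original message: whichever interface delivers the ICMP request (bpf/libpcap) and whichever sends the answer (raw socket or libnet), the program in between has to validate the message and produce the reply bytes. The C below does that for an echo request, using a constructed sample packet; the function names and the sample are assumptions made for this example.

```c
/* Added example, not from the original message: ICMP echo request -> reply. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ICMP_ECHO_REPLY   0
#define ICMP_ECHO_REQUEST 8
#define ICMP_HDR_LEN      8            /* type, code, checksum(2), id(2), seq(2) */

/* RFC 1071 Internet checksum over len bytes, returned in host order. */
uint16_t inet_cksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (; len > 1; p += 2, len -= 2)
        sum += ((uint32_t)p[0] << 8) | p[1];
    if (len)                           /* odd trailing byte is padded with zero */
        sum += (uint32_t)p[0] << 8;
    while (sum >> 16)                  /* fold carries back into 16 bits */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Returns the reply length, or -1 for truncated input, a message that is not
 * an echo request, a bad checksum, or an output buffer that is too small. */
int icmp_echo_reply(const uint8_t *req, size_t len, uint8_t *out, size_t cap)
{
    if (len < ICMP_HDR_LEN || len > cap) return -1;
    if (req[0] != ICMP_ECHO_REQUEST || req[1] != 0) return -1;
    if (inet_cksum(req, len) != 0) return -1;   /* a valid message sums to 0 */
    memcpy(out, req, len);             /* id, seq and payload are echoed as-is */
    out[0] = ICMP_ECHO_REPLY;
    out[2] = out[3] = 0;               /* checksum field is zero while summing */
    uint16_t ck = inet_cksum(out, len);
    out[2] = (uint8_t)(ck >> 8);       /* stored in network byte order */
    out[3] = (uint8_t)(ck & 0xff);
    return (int)len;
}

/* Constructed sample: echo request, id 0x1234, seq 1, payload "ping!". */
const uint8_t sample_req[] = { 0x08, 0x00, 0xe5, 0xf9, 0x12, 0x34, 0x00, 0x01,
                               'p', 'i', 'n', 'g', '!' };
uint8_t reply_buf[64];

int main(void)
{
    int n = icmp_echo_reply(sample_req, sizeof sample_req, reply_buf, sizeof reply_buf);
    for (int i = 0; i < n; i++) printf("%02x ", reply_buf[i]);
    printf("\n");
    return n < 0;
}
```

The input here is the ICMP message only; a buffer from libpcap or a raw socket also carries the IP header (and, for libpcap, the link-layer header), which has to be skipped first.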



