Date: Tue, 3 Feb 2004 16:17:19 -0800 (PST) From: Julian Elischer <julian@elischer.org> To: Andriy Korud <akorud@polynet.lviv.ua> Cc: Dominik Lupinski <dmkl@op.pl> Subject: Re: Changing TOS of forwarded packets? Message-ID: <Pine.BSF.4.21.0402031454380.88161-100000@InterJet.elischer.org> In-Reply-To: <1075843764.402012b4561da@isp.polynet.lviv.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
here's a suggestion..
I have not done this but it might work:
use ipfw to send sessions that match to a divert socket at port X.
use netgraph ng_ksocket to connect to the divert port you selected
above.
Use a variant of the node given to hack the TOC value..
(he's looking at ethernet packets where you would be looking at IP
packets so it won't work directly). Hmmm having fiddled the packets
we'd need to reinject them to a socket.. we could reinject them to teh
same socket (we'd need to use a 'tee' node as follows:
[divert]<--->[ksocket]<---->[tee]---->[hack]----\
^ |
\ |
----------------/
OR
you could open another divert ksocket
[divert]<--->[ksocket]<---->[tee]---->[hack]---->[ksocket]-->[divert]
(the divert socket will always feed back into the IP stack.)
On Tue, 3 Feb 2004, Andriy Korud wrote:
> Thanks, but I'm looking for some solution that'd allow me to modify TOS of the
> packets that match some filter rule, so I think I have to modify ipfilter
> code.
>
> Andriy
>
> > On Tue, Feb 03, 2004 at 06:46:18PM +0200, Andriy Korud wrote:
> >
> > Hello,
> >
> > > Hi, my question is simple - is it possible to set TOS value of forwarded
> > packets
> > > using ipfw, ipfilter or other magic on FreeBSD 4-STABLE?
> >
> > As far as I know there is nothing official for this purposes (hope someone
> > will correct me if I am wrong). This is why I started to design something
> > on my own. My little goodie is a netgraph node for packet mangling in its
> > early stage. I *just* got it to work and it is tested now. Seems to work
> > properly for me. However, it was written and used only on FreeBSD-5.2-R
> > and
> > I'am not sure about diffrences in netgraph implementation in STABLE.
> >
> > Nevertheless, if noone suggests better sollution you may want to give it a
> > try. Bear in mind it's early stage, though. There you can reach it:
> >
> > http://venus.wsb-nlu.edu.pl/~dlupinsk/ng_mangle/
> >
> > regards,
> > Dominik Lupinski
> >
> >
> > Ps. Any feedback appreciated.
> > --
> > "...they build you up only to tear you down."
> >
>
>
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0402031454380.88161-100000>