Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 21 Mar 2008 11:16:51 -0700
From:      Julian Elischer <julian@elischer.org>
To:        Alireza Torabi <alireza.torabi@gmail.com>
Cc:        Peter Jeremy <peterjeremy@optushome.com.au>, freebsd-net@freebsd.org
Subject:   Re: bpf packet capture and SOCK_STREAM socket redirects...
Message-ID:  <47E3FB93.1080501@elischer.org>
In-Reply-To: <cffd8c580803210402j7c3c0900h4e8f486be0c325c@mail.gmail.com>
References:  <cffd8c580803192006g4045258bxcf8fa10b322a640@mail.gmail.com>	<cffd8c580803200243u4465889m197d2a7ca6d0fff7@mail.gmail.com>	<slrnfu4g5d.1b5e.vadim_nuclight@hostel.avtf.net>	<cffd8c580803200357l686d6e40qb49b3ecadb734151@mail.gmail.com>	<slrnfu4hm4.1b5e.vadim_nuclight@hostel.avtf.net>	<cffd8c580803200427u62d8d3b9q208364a8a96de7ba@mail.gmail.com>	<20080321063517.GK85901@server.vk2pj.dyndns.org> <cffd8c580803210402j7c3c0900h4e8f486be0c325c@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Alireza Torabi wrote:
> On Fri, Mar 21, 2008 at 6:35 AM, Peter Jeremy
> <peterjeremy@optushome.com.au> wrote:
>> On Thu, Mar 20, 2008 at 11:27:53AM +0000, Alireza Torabi wrote:
>>  >Imagine this:
>>  >
>>  >           | (1)
>>  >        packets
>>  >           |                 | (4)
>>  >        [nic1]             [nic2]
>>  >          bpf             SOCK_STREAM
>>  >           |  (2)            |
 >>  >  ---------------------------------------
>>  >              [FreeBSD] (3)
>>  >
>>  >1) all user traffic are being monitored
>>  >2) bpf on [nic] is capturing these packets
>>  >3) after processing we know a connection is about to be established from A to B
>>  >
>>  >NOW:
>>  >4) I want to deliver this packet to the socket on [nic2]
>>  >and as this is a tcp socket it'll take care of it from there
>>  >(my code here for this sockets sends and arbitary data to A making it
>>  >think it came from B)
>>
>>  Have a look at divert(4).  I suspect it comes closest to what you want.
>>
>>  --
>>  Peter Jeremy
>>  Please excuse any delays as the result of my ISP's inability to implement
>>  an MTA that is either RFC2821-compliant or matches their claimed behaviour.
>>
> 
> Yes. It sounds promising. I was reading natd and planning to read ipfw
> source interestingly!

also I think you may want the 'fwd' call in ipfw...

I don't quite understand your question..
(despite the picture)
where ia A and where is B?

and why 2 nics?

User traffic where?
    on a switch?
    coming in and out of this machine?

you need to define a little more of the picture..

Julian



> Thanks
> 
> Alireza
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47E3FB93.1080501>