Date: Tue, 14 Oct 2008 19:41:38 -0700 From: "alan yang" <alancyang@gmail.com> To: "Max Laier" <max@love2party.net> Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Subject: Re: tracing pf code Message-ID: <290865fd0810141941l7c63a8e6l1c9c4839518c9ac8@mail.gmail.com> In-Reply-To: <200810150302.03949.max@love2party.net> References: <290865fd0810141747l39b80e2ao329c8212061a67c1@mail.gmail.com> <200810150302.03949.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
yes, exact. thanks a lot!
On Tue, Oct 14, 2008 at 6:02 PM, Max Laier <max@love2party.net> wrote:
> On Wednesday 15 October 2008 02:47:46 alan yang wrote:
>> hello,
>>
>> for pf port on freebsd, i would like to trace the packet flow, looking
>> at from ether_input -> etiher_demux -> ip_input -> tcp_input where /
>> how pf handles / process the packet.
>>
>> can people shed some lights where to start. really appreciate.
>
> ps hooks into the pfil(9) hook point in ip[6]_{in,out}put(). Look for calls
> to "pfil_run_hooks" in the code. From there the call proceeds to the hook
> functions defined in pf_ioctl.c pf_check_{in,out}[6].
>
> The processing inside pf is best understood by looking at the following chart:
> http://homepage.mac.com/quension/pf/flow.png
>
> Is this the information you are looking for?
>
> --
> /"\ Best regards, | mlaier@freebsd.org
> \ / Max Laier | ICQ #67774661
> X http://pf4freebsd.love2party.net/ | mlaier@EFnet
> / \ ASCII Ribbon Campaign | Against HTML Mail and News
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?290865fd0810141941l7c63a8e6l1c9c4839518c9ac8>