Date:      Fri, 14 Mar 1997 20:27:02 +0000
From:      Brian Somers <brian@awfulhak.demon.co.uk>
To:        "John H. Aughey" <jha@freefall.freebsd.org>
Cc:        freebsd-hackers@freefall.freebsd.org
Subject:   Re: Pre/Post processing IP packets 
Message-ID:  <199703142027.UAA25135@awfulhak.demon.co.uk>
In-Reply-To: Your message of "Fri, 14 Mar 1997 09:45:03 PST." <199703141745.JAA01129@freefall.freebsd.org> 

> I want to be able to pre-process and post-process IP packets which
> are received by a network interface or are going out a network
> interface.  Basically I want to be able to look at an IP packet
> immediately after it's received by an interface, fiddle around with
> the packet, and then pass the modified packet back to the kernel
> for further processing.  In the same way I want to look at a packet
> that is going out an interface, fiddle around with the packet, and
> then pass the modified packet back to the kernel for actual
> transmission.

Have a look on http://www.srv.com/~cmott.  The natd program is a good
example of using divert(4) sockets.

The idea is that you tell the firewall software to "divert" certain
packets to a given raw socket.  You then write a program that sits
on that raw socket, plays with packets and re-injects them into the
ip handling routines in the kernel.

I'm going to make a "port" of natd soon, but I've been quite busy
lately :|
-- 
Brian <brian@awfulhak.demon.co.uk>, <brian@freebsd.org>
      <http://www.awfulhak.demon.co.uk/>
Don't _EVER_ lose your sense of humour....




