Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 17 Jan 2003 13:39:02 +0000
From:      Jian Song <>
To:        freebsd-ipfw@FreeBSD.ORG
Subject:   How to do tcp payload validation
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help

I need to do tcp payload validation.  Specifically, the tcp stream I am 
looking at contains multiple messages.  Each message has a two byte 
length header and immediately follow by the body.  I would like to 
monitor the tcp traffic and intercept each message.  If there is an 
error, I will send RSTs to both ends of the connection.  While I can do 
a BPF tap and do ip reassembly and tcp processing myself, I was 
wondering whether this can be achieved through ipfw or ipfilter.  I 
would like a TCP tap which pass tcp payload data to a user process for 
further validation.  This way, I don't have to worry about matching ACKs 
and do TCP stream reassembly.


Jian Song

To Unsubscribe: send mail to
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <>