Date: Mon, 9 Dec 2013 13:30:53 +0400 From: Victor Gamov <vit@euro-comm.net> To: Sami Halabi <sodynet1@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: Netgraph ng_patch and ng_input: where to find packets? Message-ID: <D84A0C0F-F443-4AB9-B0FB-43D1D829EC29@euro-comm.net> In-Reply-To: <CAEW%2BogYbzXfN=JB7ozYC686iR6vbNMwehVJ7vcJUT60cfNUkJw@mail.gmail.com> References: <ED66CBAA-575E-4823-9AEE-4A44FEF6AB01@euro-comm.net> <5293E3E7.6090604@freebsd.org> <B2B699D8-0BD8-451F-8685-C7B8C56AA7F0@euro-comm.net> <F39CFDF7-0772-488D-9DB9-350AEC495884@euro-comm.net> <CAEW%2BogZNpqzxAYMArqa8jkb=O1OipKo9jYQ90iZq=0pxqPY=TQ@mail.gmail.com> <52A493F1.6040700@freebsd.org> <CAEW%2BogYbzXfN=JB7ozYC686iR6vbNMwehVJ7vcJUT60cfNUkJw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 09Dec, 2013, at 11:36, Sami Halabi wrote: > Hi, Hi Sami > Actually following the ng_patch the following worked for me (using = 9.2-R -amd64): Yes, ng_patch works fine for me too. Then ng_input works too because I = see patched packets at ipfw. But this packets does not appears on = outgoing interface. Now I haven't machine for future testing, but I'll do more tests on = upcoming 10.0-R because I want to use 10.0 for my project. > kldload ng_patch > kldload ng_ipfw > /usr/sbin/ngctl -f- << SEQ > mkpeer ipfw: patch 300 in > name ipfw:300 src_dst_chg > msg src_dst_chg: setconfig { count=3D2 csum_flags=3D1 = ops=3D[ \ > { mode=3D1 value=3D0xc0a8e609 length=3D4 = offset=3D12 } \ > { mode=3D1 value=3D0xc0a8e680 length=3D4 = offset=3D16 } ] } > SEQ > /sbin/ipfw add 600 netgraph 300 log ip from any to 239.0.0.19 dst-port = 1234 in via vlan999 >=20 > Sami >=20 >=20 > On Sun, Dec 8, 2013 at 5:44 PM, Julian Elischer <julian@freebsd.org> = wrote: > On 12/8/13, 6:43 PM, Sami Halabi wrote: > Hi Gamov, > Have got this to work? > If so would share configurations? >=20 > Thanks in advance, > Sami > =D7=91=D7=AA=D7=90=D7=A8=D7=99=D7=9A 29 =D7=91=D7=A0=D7=95=D7=91 2013 = 19:28, "Victor Gamov" <vit@euro-comm.net> =D7=9B=D7=AA=D7=91: >=20 >=20 >=20 > if not then the way to track it it to put a breakpoint on the netgraph = node that handles the packet and just single step through until you see = where the packet goes.. > kdb would give you a decent idea but a second machine (or a virtual = machine) with kgdb would really show you what's going on. -- =D0=A1 =D1=83=D0=B2=D0=B0=D0=B6=D0=B5=D0=BD=D0=B8=D0=B5=D0=BC, =D0=93=D0=B0=D0=BC=D0=BE=D0=B2 =D0=92=D0=B8=D0=BA=D1=82=D0=BE=D1=80
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D84A0C0F-F443-4AB9-B0FB-43D1D829EC29>