From owner-freebsd-questions@FreeBSD.ORG  Thu Mar 20 03:32:03 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C9AFC1065674
	for <freebsd-questions@freebsd.org>;
	Thu, 20 Mar 2008 03:32:03 +0000 (UTC)
	(envelope-from alireza.torabi@gmail.com)
Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.236])
	by mx1.freebsd.org (Postfix) with ESMTP id 7C36B8FC23
	for <freebsd-questions@freebsd.org>;
	Thu, 20 Mar 2008 03:32:03 +0000 (UTC)
	(envelope-from alireza.torabi@gmail.com)
Received: by wx-out-0506.google.com with SMTP id i29so870100wxd.7
	for <freebsd-questions@freebsd.org>;
	Wed, 19 Mar 2008 20:32:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
	bh=UChQ2iiFpgV94wr2pC28ZQ/2IAIrMdbvOncAwuyK2wc=;
	b=Jk+FVWWSkNa4x/V+WC7vcNisB3Bb+3JqUe4qtzd7o1uB02I8vgEJcWVE+MGdXnTjmSs8dEYsb1sjSTxjjW/mODQLBx5ZMekqUNvB7ocwB9JAaiL4WPFmLT4du7pLRa9fc3B9zAyIDMmOxyNJrZQC4fSwJfuEZjEQWBZcBU26u58=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
	b=L73OkOZQD4raabqn00Xf6XUn2kz1a7zN8Ff7/X9HsAhKIh9T70ePjS5WleLPptItsg8rFKErPqyhlSuLb/EavdLeGFzGCL+xdPkhJCmLR9eA9yAOlh3Jh+YQ4o8LrJbJ7WWhTkCuobMEuS6D4rCSpl26jQmtfZQGp39VavYEQdg=
Received: by 10.114.174.2 with SMTP id w2mr2700635wae.17.1205982360082;
	Wed, 19 Mar 2008 20:06:00 -0700 (PDT)
Received: by 10.115.17.16 with HTTP; Wed, 19 Mar 2008 20:06:00 -0700 (PDT)
Message-ID: <cffd8c580803192006g4045258bxcf8fa10b322a640@mail.gmail.com>
Date: Thu, 20 Mar 2008 03:06:00 +0000
From: "Alireza Torabi" <alireza.torabi@gmail.com>
To: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Subject: bpf packet capture and SOCK_STREAM socket redirects...
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Mar 2008 03:32:03 -0000

Hi All,

Is it possible to redirect/send/divert a bpf packet capture of one
interface to a listening tcp socket on another interface of the same
machine?
Here is my problem:
I'm capturing packets on one interface but for some specific tcp
packets let's say from host A to host B on port P, I want to hijack
the packet and send it to a listening tcp socket on the other
interface and reply an "Access Denied" message.

I'd like to use the tcp socket on the other interface as it's not
possible to communicate over the interface that's doing the packet
capture and I don't want to invent the wheel by doing all the tcp/tcb
states hence using a tcp socket.

Thanks a lot
Alireza