From owner-freebsd-hackers Wed Mar 18 06:12:19 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA14563 for freebsd-hackers-outgoing; Wed, 18 Mar 1998 06:12:19 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from fang.cs.sunyit.edu (root@fang.cs.sunyit.edu [192.52.220.66]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA14457 for ; Wed, 18 Mar 1998 06:11:42 -0800 (PST) (envelope-from perlsta@cs.sunyit.edu) Received: from win95.local.sunyit.edu (A-T34.rh.sunyit.edu [150.156.210.241]) by fang.cs.sunyit.edu (8.8.5/8.7.3) with SMTP id KAA24156; Wed, 18 Mar 1998 10:13:19 GMT Message-ID: <016501bd5277$597270e0$0600a8c0@win95.local.sunyit.edu> From: "Alfred Perlstein" To: "Robert Watson" , Subject: Re: need a reference: data link layer packet transmission Date: Wed, 18 Mar 1998 09:08:37 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG maybe i'm being niave, but look into DIVERT sockets, with a the kernel firewall and a divert socket you can capture the traffic. -Alfred -----Original Message----- From: Robert Watson To: hackers@FreeBSD.ORG Date: Tuesday, March 17, 1998 11:42 PM Subject: need a reference: data link layer packet transmission > >For performance testing and bug catching, I would like to be able to >"replay" tcpdump captured packet streams that were promiscuously sniffed >off of a network. Using the existing tcpdump to do this is ideal, as it >timestamps, etc. However, I need to be able to resend the packets over >the network, and not all of the packets of interest are IP-packets. So I >need to be able to manually ship these packets to the link layer for >delivery (on a specific device). I know that bpf can be used for >transmission as well as reception (bpfwrite), but have had a hard time >finding sample source code that uses this transmission; bpf is primarily >intended for listening and not deliver. > >The Stevens UNIX Network Programming book referred me to the rarp source >code, and indeed there is a somewhat obfuscated creation of rarp replies >there, but I was hoping for something a little more tutorial-like. >Similarly, the man pages are not particularly talkative about the >functions associated with BPF (although they due cover the structures >fairly well). I do not currently have a copy of the original BPF paper, >but was wondering if it was available online, or if there were other >software packages I could look at for further information. While I am >willing to delve into kernel source to find the answer, I would rather see >some text or a package that does similar things to what I want to write. > >Alternatively, if such a package exists that already does what I describe, >a URL to that would be great! > >Thanks in advance, > > Robert N Watson > >Carnegie Mellon University http://www.cmu.edu/ >SafePort Network Services http://www.safeport.com/ >robert@fledge.watson.org http://www.watson.org/~robert/ > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message