Date: Thu, 13 Nov 1997 10:34:36 -0800 (PST) From: Archie Cobbs <archie@whistle.com> To: fwang2@eos.ncsu.edu (Feiyi Wang) Cc: questions@FreeBSD.ORG Subject: Re: Another divert socket question Message-ID: <199711131834.KAA19531@bubba.whistle.com> In-Reply-To: <346A97A0.211F@eos.ncsu.edu> from Feiyi Wang at "Nov 13, 97 01:01:04 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Feiyi Wang writes: > In divert man page, it is said that: "Normally, packets read as incoming > should be written as incoming; similiarly for outgoing packets. When > reading and then writing back packets, passing the same socket address > supplied by recvfrom(2) unmodified to sendto(2) simplifies things". > > I am a bit confused here: when I do recvfrom(2), the socket address I am > getting is actually a source (struct socketaddr*), if I pass it > unmodified to sendto(2) as detination, it seems contradict to my usual > sense of "read as incoming, write as incoming". Am I missing something > here? The root of your question is the hackerous nature of divert sockets :-) You have to forget your usual understanding of the meaning of sendto() and recvfrom(). Just think of them as read() and write() with room for an extra argument. The extra argument simply specifies whether the packet is an "incoming" packet (ie, received on an interface but not yet routed) or an "outgoing" packet (ie, ready to be forwarded out a specific interface). > I do tried this way, it seemed not work. To make my question clear, here > is what I am trying to do - A routing daemon (gated) is listening proto > 89 via "normal raw socket". I first use "ipfw" divert all ip packets > with proto 89 to another port, which got a divert socket binded, after > packet checking ok, I want to re-inject it into the incoming stream > without affecting gated daemon. > > Can it be done? Now reading is ok, but when I write back, but gated > daemon seems never receive the packets. You should be able to do this by passing the exact same sockaddr structure you got from recvfrom() to sendto(). If gated is not getting the packets, make sure your packet is legal, ie., has a correct IP header checksum, etc (otherwise it will get dropped). -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711131834.KAA19531>