Date: Wed, 02 Mar 2005 11:50:34 -0800 From: Julian Elischer <julian@elischer.org> To: Ruslan Ermilov <ru@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: netgraph question : how to intercept incoming IP packets of a certain type? Message-ID: <4226190A.7040106@elischer.org> In-Reply-To: <20050302123846.GC47110@ip.net.ua> References: <37e131660503011947346b94fb@mail.gmail.com> <20050302123846.GC47110@ip.net.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
Ruslan Ermilov wrote: >On Tue, Mar 01, 2005 at 10:47:07PM -0500, Aziz KEZZOU wrote: > > >>Hi folks, >>Here is what I want to do : "Intercept all incoming IP packets on an >>Ethernet interface of a certain type (e.g RSVP) and call my own >>function to process, all inside the kernel" >> >>Netgraph nodes : ng_iface, nf_bpf (and probably ng_ether) look >>promising for this task but I can not figure out how to do it in >>practice... >> >>Any help is appreciated. Thanks, >> >> >> >I thought Julian already answered this... > > you can do it even without ng_ipfw use ng_ksocket to open a divert socket and use ipfw divert to send packets to it. >You can do this with ng_ipfw(4) in -CURRENT. Or you can filter >(with ng_bpf(4)) the packets of interest and forward them >somewhere. Example: > > +---v > | (upper) > | rl0: [ng_ether] > | (lower) > | ^ > | | > | v > | (lower) > | bpf_rl0: [ng_bpf] > | (upper) > +---^ > >[bpf] should be configured to forward matching packets received on >"lower" to some other hook, and non-matching packets to "upper". >Similarly for packets received on "upper", forward packets of >interest to some other hook, and non-matching packets to "lower". > > >Cheers, > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4226190A.7040106>