From owner-freebsd-hackers@FreeBSD.ORG Tue Jun 28 19:35:32 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8BD8E16A41C for ; Tue, 28 Jun 2005 19:35:32 +0000 (GMT) (envelope-from julian@elischer.org) Received: from postoffice.vicor-nb.com (www.vicor.com [12.155.182.151]) by mx1.FreeBSD.org (Postfix) with ESMTP id 547FA43D1D for ; Tue, 28 Jun 2005 19:35:32 +0000 (GMT) (envelope-from julian@elischer.org) Received: from localhost (localhost [127.0.0.1]) by postoffice.vicor-nb.com (Postfix) with ESMTP id 61F844CE969; Tue, 28 Jun 2005 12:35:32 -0700 (PDT) Received: from postoffice.vicor-nb.com ([127.0.0.1]) by localhost (postoffice.vicor-nb.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 61759-02; Tue, 28 Jun 2005 12:35:31 -0700 (PDT) Received: from bigwoop.vicor-nb.com (bigwoop.vicor-nb.com [208.206.78.2]) by postoffice.vicor-nb.com (Postfix) with ESMTP id BC2004CE959; Tue, 28 Jun 2005 12:35:31 -0700 (PDT) Received: from [208.206.78.97] (julian.vicor-nb.com [208.206.78.97]) by bigwoop.vicor-nb.com (Postfix) with ESMTP id 75FE37A403; Tue, 28 Jun 2005 12:35:31 -0700 (PDT) Message-ID: <42C1A6B2.8070607@elischer.org> Date: Tue, 28 Jun 2005 12:36:18 -0700 From: Julian Elischer User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.7) Gecko/20050423 X-Accept-Language: en, hu MIME-Version: 1.0 To: Cole References: <20050627160635.9kkhi57rk88w848k@mail.opteqint.net> <42C09C33.2050403@elischer.org> <001301c57bc3$5608bea0$4206000a@deadmind> In-Reply-To: <001301c57bc3$5608bea0$4206000a@deadmind> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at postoffice.vicor.com Cc: freebsd-hackers@freebsd.org Subject: Re: Packet interception / Mangling X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jun 2005 19:35:32 -0000 Cole wrote: >Hi > >Isnt pcap meant to be non-intrusive, as in it only gets sent a copy of the packet from the kernel space to userspace? And doesnt >actually intercept anything? > >Thanks for the other suggestions, but im trying to stay away from divert sockets, > Why? that's what they are for! It's like saying "I know I asked for a tool to remove this nut from the bolt but I'm trying to stay away from using wrenches". netgraph also allows you to do this in an efficient manner. > a friend also suggested libdnet, so I'll look into >that today, but if you have any further ideas, please let me know, thanks > >Regards >/Cole > >----- Original Message ----- >From: "Julian Elischer" >To: >Cc: >Sent: Tuesday, June 28, 2005 2:39 AM >Subject: Re: Packet interception / Mangling > > > > >>cole@opteqint.net wrote: >> >> >> >>>Hi >>> >>>I wanted to know if there are any libraries similar to pcap to intercept >>>packets/mangle packets. >>> >>> >>> >>> >>how about pcap? :-) >> >>There are also two other mechinisms.. >>"divert sockets" (man divert) which is used in conjuction with teh ipfw >>packet fileter >>and netgraph (man 4 netgraph, man ngctl, man ng_socket, man ng_ether) >>which can do a lot of interesting thins. >> >> >> >>>What im trying to do specifically is like link compression, and I would then >>>need to check if the packet is then compressed and decompress, and so forth and >>>so on. >>> >>>I would like to avoid having to use a ipfw divert to a port, and specifically >>>check all traffic to the box using a library function or some kind of hook into >>>the kernel. >>> >>>The FreeBSD version I will be using is 4.9 or 4.11, and would like to know if >>>there are any such routines available, and whether it could be a userland >>>daemon, or if i am going to need to write a kernel loadable module? >>> >>>If anyone has any ideas or suggestions, or knows anything about this, it would >>>be a great help. >>> >>>Regards >>>/Cole >>> >>> >>>_______________________________________________ >>>freebsd-hackers@freebsd.org mailing list >>>http://lists.freebsd.org/mailman/listinfo/freebsd-hackers >>>To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" >>> >>> >>> >>>