Date: Fri, 21 Apr 2006 13:48:22 +0800 From: "ShouYan Mao" <symao@juniper.net> To: "Amit Mondal" <amit.freebsd@gmail.com>, <freebsd-net@freebsd.org> Subject: RE: freeBSD /ipfw/ divert socket Message-ID: <322CBDC9307AE449B2BBDA9BF40792EF02DD8B@emailcnrd1.jnpr.net>
next in thread | raw e-mail | index | archive | help
No, if no application is reading from divert socket, kernel will drop = it! A divert socket is like a hole in the net system. Best Regards Shouyan -----Original Message----- From: owner-freebsd-net@freebsd.org = [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Amit Mondal Sent: 2006=C4=EA4=D4=C221=C8=D5 13:44 To: freebsd-net@freebsd.org Subject: freeBSD /ipfw/ divert socket Hi All, I need a little help with FreeBSD Kernel stuff. I wanna use Divert = Socket to sniff IP packet in FreeBSD. For that I have compiled the kernel with options IPDIVERT and everything = is ok. Now, when I am not really sniffing and re-injecting the packet back to = the network stack, it is basically dropping all the packets. But I want it pass-through it, when no application is reading at divert socket. My question is, HOW CAN I MAKE IT PASS-THROUGH? IF NO APPLICATION IS = READING FROM DIVERT SOCKET, IT SHOULD WORK AS IF THERE IS NO DIVERT SOCKET. Thanks in adavnce Rgds Amit On 4/6/06, Amit Mondal <amit.freebsd@gmail.com> wrote: > > Hi All, > I am a newbie to freeBSD. I am trying to modify freeBSD tcp for some > security ehancement. Could anyone pls point me to how/where to start = or any > suitable material/tutorial to start with. > > Thanks in advance > Amit > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?322CBDC9307AE449B2BBDA9BF40792EF02DD8B>