From owner-freebsd-net@FreeBSD.ORG Fri Apr 21 05:48:29 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B81C216A40F for ; Fri, 21 Apr 2006 05:48:29 +0000 (UTC) (envelope-from symao@juniper.net) Received: from kremlin.juniper.net (kremlin.juniper.net [207.17.137.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3472A43D60 for ; Fri, 21 Apr 2006 05:48:26 +0000 (GMT) (envelope-from symao@juniper.net) Received: from unknown (HELO beta.jnpr.net) ([172.24.18.109]) by kremlin.juniper.net with ESMTP; 20 Apr 2006 22:48:26 -0700 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== X-IronPort-AV: i="4.04,143,1144047600"; d="scan'208"; a="541373998:sNHT32598048" Received: from emailcnrd1.jnpr.net ([10.208.0.15]) by beta.jnpr.net with Microsoft SMTPSVC(6.0.3790.1830); Thu, 20 Apr 2006 22:48:25 -0700 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Date: Fri, 21 Apr 2006 13:48:22 +0800 Message-ID: <322CBDC9307AE449B2BBDA9BF40792EF02DD8B@emailcnrd1.jnpr.net> X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: freeBSD /ipfw/ divert socket Thread-Index: AcZlBrFEyuVVDW5IRTihx8r6cgpO4QAAHgrQ From: "ShouYan Mao" To: "Amit Mondal" , X-OriginalArrivalTime: 21 Apr 2006 05:48:25.0615 (UTC) FILETIME=[351171F0:01C66507] Cc: Subject: RE: freeBSD /ipfw/ divert socket X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Apr 2006 05:48:31 -0000 No, if no application is reading from divert socket, kernel will drop = it! A divert socket is like a hole in the net system. Best Regards Shouyan -----Original Message----- From: owner-freebsd-net@freebsd.org = [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Amit Mondal Sent: 2006=C4=EA4=D4=C221=C8=D5 13:44 To: freebsd-net@freebsd.org Subject: freeBSD /ipfw/ divert socket Hi All, I need a little help with FreeBSD Kernel stuff. I wanna use Divert = Socket to sniff IP packet in FreeBSD. For that I have compiled the kernel with options IPDIVERT and everything = is ok. Now, when I am not really sniffing and re-injecting the packet back to = the network stack, it is basically dropping all the packets. But I want it pass-through it, when no application is reading at divert socket. My question is, HOW CAN I MAKE IT PASS-THROUGH? IF NO APPLICATION IS = READING FROM DIVERT SOCKET, IT SHOULD WORK AS IF THERE IS NO DIVERT SOCKET. Thanks in adavnce Rgds Amit On 4/6/06, Amit Mondal wrote: > > Hi All, > I am a newbie to freeBSD. I am trying to modify freeBSD tcp for some > security ehancement. Could anyone pls point me to how/where to start = or any > suitable material/tutorial to start with. > > Thanks in advance > Amit > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"