Date: Fri, 14 Nov 1997 01:02:40 +0000 From: Brian Somers <brian@awfulhak.org> To: Archie Cobbs <archie@whistle.com> Cc: fwang2@eos.ncsu.edu (Feiyi Wang), questions@FreeBSD.ORG Subject: Re: Another divert socket question Message-ID: <199711140102.BAA25757@awfulhak.demon.co.uk> In-Reply-To: Your message of "Thu, 13 Nov 1997 10:34:36 PST." <199711131834.KAA19531@bubba.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I left this in my "unread" list hoping you'd answer Archie ! Thanks ;-) I definitely couldn't have said it better ! > Feiyi Wang writes: > > In divert man page, it is said that: "Normally, packets read as incoming > > should be written as incoming; similiarly for outgoing packets. When > > reading and then writing back packets, passing the same socket address > > supplied by recvfrom(2) unmodified to sendto(2) simplifies things". > > > > I am a bit confused here: when I do recvfrom(2), the socket address I am > > getting is actually a source (struct socketaddr*), if I pass it > > unmodified to sendto(2) as detination, it seems contradict to my usual > > sense of "read as incoming, write as incoming". Am I missing something > > here? > > The root of your question is the hackerous nature of divert sockets :-) > You have to forget your usual understanding of the meaning of sendto() > and recvfrom(). Just think of them as read() and write() with room for > an extra argument. The extra argument simply specifies whether the > packet is an "incoming" packet (ie, received on an interface but not > yet routed) or an "outgoing" packet (ie, ready to be forwarded out a > specific interface). > > > I do tried this way, it seemed not work. To make my question clear, here > > is what I am trying to do - A routing daemon (gated) is listening proto > > 89 via "normal raw socket". I first use "ipfw" divert all ip packets > > with proto 89 to another port, which got a divert socket binded, after > > packet checking ok, I want to re-inject it into the incoming stream > > without affecting gated daemon. > > > > Can it be done? Now reading is ok, but when I write back, but gated > > daemon seems never receive the packets. > > You should be able to do this by passing the exact same sockaddr > structure you got from recvfrom() to sendto(). If gated is not > getting the packets, make sure your packet is legal, ie., has > a correct IP header checksum, etc (otherwise it will get dropped). > > -Archie > > ___________________________________________________________________________ > Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com -- Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <bri@OpenBSD.org> <http://www.Awfulhak.org>; Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711140102.BAA25757>