Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 7 Apr 2002 20:25:33 -0500 (CDT)
From:      Nick Rogness <nick@rogness.net>
To:        "Crist J. Clark" <cjc@FreeBSD.ORG>
Cc:        "Matthew D. Fuller" <fullermd@over-yonder.net>, Alex Rousskov <rousskov@measurement-factory.com>, freebsd-net@FreeBSD.ORG
Subject:   Re: Forcing packets to the wire
Message-ID:  <Pine.BSF.4.21.0204072011570.14115-100000@cody.jharris.com>
In-Reply-To: <20020406212822.G70207@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

>On Sat, 6 Apr 2002, Crist J. Clark wrote:
>> On Sat, Apr 06, 2002 at 01:57:44PM -0600, Nick Rogness wrote:
>> 
>>> On Fri, Apr 05, 2002 at 06:48:09PM -0600 I heard the voice of
>>> On Fri, 5 Apr 2002, Matthew D. Fuller wrote:
>>> 
>>> You MIGHT be able to use ipfw divert/pipe rules to somehow shove the
>>> packets into a program on their way out, and write a program that
>>> would use raw sockets to hand-assemble the IP datagram on the way out;
>>> I'm not sure if the kernel would try to outsmart you on that.
>> 
>> 	Yeh, I thought of that. The problem is packets never leave
>> 	anywhere since the route for the other NIC is not "OUT" any
>> 	interface...it is the machine itself.
> 
> They never go over a _physical_ inteface, but they _do_ cross an
> interface, lo0, the internal loopback.
> 
>   ipfw fwd <external gateway> ip from <ip_if0> to <ip_if1> in via lo0


	AFAIK, the route to get from 1 interface to the other is not
	through the lo0.  I'm not sure if the kernel sends these packets
	across lo0 (internally) or not.  But the routing table would
	suggest not.  Here is a snapshot of a machine with 3 network cards
	in it:


lightning# netstat -rn
Routing tables
 
Internet:
Destination        Gateway            Flags     Refs     Use     Netif
default            10.0.1.17          UGSc        6      472      tl0
10.0.1.16/28       link#1             UC          0        0      tl0 =>
10.0.1.17          0:a0:c9:5e:6:6     UHLW        7      273      tl0
10.0.1.31          ff:ff:ff:ff:ff:ff  UHLWb       1    31965      tl0
10.0.3/24          link#3             UC          0        0      de1 =>
10.0.3.255         ff:ff:ff:ff:ff:ff  UHLWb       1    31965      de1
10.0.5/24          link#2             UC          0        0      de0 =>
10.0.5.255         ff:ff:ff:ff:ff:ff  UHLWb       1    31965      de0
127.0.0.1          127.0.0.1          UH          0     5288      lo0


Nick Rogness <nick@rogness.net>
 - Don't mind me...I'm just sniffing your packets


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0204072011570.14115-100000>