From owner-freebsd-net  Sun Apr  7 18:18:12 2002
Delivered-To: freebsd-net@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP
	id ED82437B400; Sun,  7 Apr 2002 18:18:08 -0700 (PDT)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id g381PXb20866;
	Sun, 7 Apr 2002 20:25:34 -0500 (CDT)
	(envelope-from nick@rogness.net)
Date: Sun, 7 Apr 2002 20:25:33 -0500 (CDT)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: "Crist J. Clark" <cjc@FreeBSD.ORG>
Cc: "Matthew D. Fuller" <fullermd@over-yonder.net>,
	Alex Rousskov <rousskov@measurement-factory.com>,
	freebsd-net@FreeBSD.ORG
Subject: Re: Forcing packets to the wire
In-Reply-To: <20020406212822.G70207@blossom.cjclark.org>
Message-ID: <Pine.BSF.4.21.0204072011570.14115-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org


>On Sat, 6 Apr 2002, Crist J. Clark wrote:
>> On Sat, Apr 06, 2002 at 01:57:44PM -0600, Nick Rogness wrote:
>> 
>>> On Fri, Apr 05, 2002 at 06:48:09PM -0600 I heard the voice of
>>> On Fri, 5 Apr 2002, Matthew D. Fuller wrote:
>>> 
>>> You MIGHT be able to use ipfw divert/pipe rules to somehow shove the
>>> packets into a program on their way out, and write a program that
>>> would use raw sockets to hand-assemble the IP datagram on the way out;
>>> I'm not sure if the kernel would try to outsmart you on that.
>> 
>> 	Yeh, I thought of that. The problem is packets never leave
>> 	anywhere since the route for the other NIC is not "OUT" any
>> 	interface...it is the machine itself.
> 
> They never go over a _physical_ inteface, but they _do_ cross an
> interface, lo0, the internal loopback.
> 
>   ipfw fwd <external gateway> ip from <ip_if0> to <ip_if1> in via lo0


	AFAIK, the route to get from 1 interface to the other is not
	through the lo0.  I'm not sure if the kernel sends these packets
	across lo0 (internally) or not.  But the routing table would
	suggest not.  Here is a snapshot of a machine with 3 network cards
	in it:


lightning# netstat -rn
Routing tables
 
Internet:
Destination        Gateway            Flags     Refs     Use     Netif
default            10.0.1.17          UGSc        6      472      tl0
10.0.1.16/28       link#1             UC          0        0      tl0 =>
10.0.1.17          0:a0:c9:5e:6:6     UHLW        7      273      tl0
10.0.1.31          ff:ff:ff:ff:ff:ff  UHLWb       1    31965      tl0
10.0.3/24          link#3             UC          0        0      de1 =>
10.0.3.255         ff:ff:ff:ff:ff:ff  UHLWb       1    31965      de1
10.0.5/24          link#2             UC          0        0      de0 =>
10.0.5.255         ff:ff:ff:ff:ff:ff  UHLWb       1    31965      de0
127.0.0.1          127.0.0.1          UH          0     5288      lo0


Nick Rogness <nick@rogness.net>
 - Don't mind me...I'm just sniffing your packets


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message