From owner-freebsd-hackers  Sun Nov 21 14:29:10 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from duke.cs.duke.edu (duke.cs.duke.edu [152.3.140.1])
	by hub.freebsd.org (Postfix) with ESMTP id 293D715253
	for <freebsd-hackers@FreeBSD.ORG>; Sun, 21 Nov 1999 14:28:59 -0800 (PST)
	(envelope-from partha@cs.duke.edu)
Received: from moe.cs.duke.edu (moe.cs.duke.edu [152.3.140.74])
	by duke.cs.duke.edu (8.9.1/8.9.1) with ESMTP id RAA29084;
	Sun, 21 Nov 1999 17:28:58 -0500 (EST)
Received: from localhost (partha@localhost) 
	by moe.cs.duke.edu (8.8.5/8.6.9) with ESMTP
	id RAA12097; Sun, 21 Nov 1999 17:27:48 -0500 (EST)
X-Authentication-Warning: moe.cs.duke.edu: partha owned process doing -bs
Date: Sun, 21 Nov 1999 17:27:48 -0500 (EST)
From: "Parthasarathy M. Aji" <partha@cs.duke.edu>
To: Julian Elischer <julian@whistle.com>
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: Ip _ fw.c 
In-Reply-To: <Pine.BSF.4.20.9911162155040.1657-100000@home.elischer.org>
Message-ID: <Pine.GSO.4.20.9911211712520.12006-100000@moe.cs.duke.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Thanks Julian. But we are rewriting Kernel src file  ip_fw.c (which
does implement the ipfw system call i guess) to do the redirection
automatically for us, because redirection is faster at the Kernel than at
the user level.
Unfortunately I am new to writing code at the kernel level. The main
problem is that I don't know what files specifically I need to rewrite, is
it just ip_fw.c or any ohter files.. I don't know wether just rewriting
the packet ip_dst.s_addr is enough? This is similar to network address
translater except for the fact that our kernel will run on a proxy closer
to the client than to the server..

Partha





On Tue, 16 Nov 1999, Julian Elischer wrote:

> You can use the ipfw "fwd" command
> (man 8 ipfw)
> you need to also run ipfw 'fwd' commands on the servers otherwise they
> will send the packet back to it's original destination.
> 
> alternatively you could have no real machine with that address but set a
> loopback interface to the target address on each machine so that
> each machine would accept the packet when it arrived.
> if you want to actually CHANGE the packet then I believe natd can do that
> but I've not done it.
> julian
> 
> (p.s. tell more about your set-up and maybe I can be more specific)
> 
> 
> On Wed, 17 Nov 1999, Parthasarathy M. Aji wrote:
> 
> > Hey,
> > i want to do packet filtering and redirection through the
> > kernel. Specifically, My application will be on an intermediate node,
> > through which, I want to redirect every packet that comes through me to a
> > different server. Would you know what files I might want to look into
> > this( like ip_fw.c for eg) etc..? ..
> > 
> > Partha
> > 
> > 
> > 
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-hackers" in the body of the message
> > 
> 
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message