From owner-freebsd-net@FreeBSD.ORG Wed Jan 23 14:52:52 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1B8EF16A41A for ; Wed, 23 Jan 2008 14:52:52 +0000 (UTC) (envelope-from Stephen.Clark@seclark.us) Received: from smtpout06.prod.mesa1.secureserver.net (smtpout06-04.prod.mesa1.secureserver.net [64.202.165.227]) by mx1.freebsd.org (Postfix) with SMTP id CDD7B13C447 for ; Wed, 23 Jan 2008 14:52:51 +0000 (UTC) (envelope-from Stephen.Clark@seclark.us) Received: (qmail 5157 invoked from network); 23 Jan 2008 14:52:51 -0000 Received: from unknown (24.144.77.185) by smtpout06-04.prod.mesa1.secureserver.net (64.202.165.227) with ESMTP; 23 Jan 2008 14:52:50 -0000 Message-ID: <4797549C.2080209@seclark.us> Date: Wed, 23 Jan 2008 09:52:12 -0500 From: Stephen Clark User-Agent: Thunderbird 2.0.0.9 (X11/20071115) MIME-Version: 1.0 To: Stephen.Clark@seclark.us References: <479663C0.3090606@seclark.us> <715218DB-7DE4-4CCF-A858-03AC05BA4732@mac.com> <479738F8.9010905@seclark.us> In-Reply-To: <479738F8.9010905@seclark.us> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: duplicate packet using divert X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Stephen.Clark@seclark.us List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jan 2008 14:52:52 -0000 Stephen Clark wrote: > Chuck Swiger wrote: >> On Jan 22, 2008, at 1:44 PM, Stephen Clark wrote: >>> does anyone have a program that uses the divert socket to duplicate >>> an incoming packet so it can be >>> sent to another address. >> >> Well, I assume you could start with the ipfw "tee" directive and >> /usr/src/sbin/natd ...? >> > Thanks Chuck - I have been thinking the same thing - just thought > someone may have already > done this. > > Steve > Hi Chuck, ipfw add 50 tee natd udp from any to 20.x.x.120 dst-port 14050 in natd -verbose -a 20.x.x.120 -redirect_address 10.0.129.101 20.x.x.120 this seems to do the trick. Steve -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson)