Date:      Mon, 2 Jul 2001 17:42:19 -0500
From:      Bill Fumerola <billf@mu.org>
To:        "Eugene L. Vorokov" <vel@bugz.infotecs.ru>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: catching ip packets from module
Message-ID:  <20010702174219.K47870@elvis.mu.org>
In-Reply-To: <200107021532.f62FWEw87507@bugz.infotecs.ru>; from vel@bugz.infotecs.ru on Mon, Jul 02, 2001 at 07:32:13PM +0400
References:  <200107021532.f62FWEw87507@bugz.infotecs.ru>

On Mon, Jul 02, 2001 at 07:32:13PM +0400, Eugene L. Vorokov wrote:
> Hello,
> 
> can someone please enlighten me how a module can catch ip packets before
> they actually enter the stack, the way ipfw or ipf does? I tried to look
> at the sources, but ipfw seems to do it in some very specific way which
> is based on some in-kernel hacks to make it possible (of course correct me
> if I'm wrong), and ipf does so many things at startup that I can't figure
> out which function does what :( I just want to add my handler so that
> all packets would be passed to it before entering the kernel ...

the way ipfw or ipf does? by adding hacks^H^H^H^Hooks into ip_{in,out}put()
search for ip_fw_chk_ptr and fr_checkp, those are the money functions.
everything else is just setup and reaction.

as far as non-hacks that do similar things, as alfred points out netgraph
is probably the most modular way to drop in raw-frame-needing-module-X.

-- 
Bill Fumerola - security yahoo         / Yahoo! inc.
              - fumerola@yahoo-inc.com / billf@FreeBSD.org
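
The hook-pointer pattern described in the reply, as an added userland model in C that is not code from the original message or from the FreeBSD sources. `struct pkt`, `pkt_chk_ptr`, `ip_input_model`, `hook_attach` and `hook_detach` are hypothetical names and simplified signatures; the model shows why a single pointer slot serves only one filter at a time and why unload has to clear it.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified stand-in for a packet; the real hooks work on kernel structures. */
struct pkt { uint8_t proto; uint16_t dport; };

/* Hook type: return 0 to let the packet continue, non-zero to drop it. */
typedef int pkt_chk_t(struct pkt *p);

/* One global slot, modeled on ip_fw_chk_ptr / fr_checkp (hypothetical name). */
static pkt_chk_t *pkt_chk_ptr = NULL;
static unsigned long delivered, dropped;

/* Model of the input path: consult the hook only if a module installed one. */
int ip_input_model(struct pkt *p)
{
    pkt_chk_t *chk = pkt_chk_ptr;      /* read once; the slot may be cleared */
    if (chk != NULL && chk(p) != 0) {
        dropped++;
        return -1;                     /* filtered before reaching the stack */
    }
    delivered++;
    return 0;
}

/* Module load: a single slot means a second consumer must be refused. */
int hook_attach(pkt_chk_t *fn)
{
    if (fn == NULL) return EINVAL;
    if (pkt_chk_ptr != NULL) return EBUSY;
    pkt_chk_ptr = fn;
    return 0;
}

/* Module unload: clear the slot only if it still points at our handler. */
int hook_detach(pkt_chk_t *fn)
{
    if (pkt_chk_ptr != fn) return ENOENT;
    pkt_chk_ptr = NULL;
    return 0;
}

/* Constructed sample handlers: drop TCP to port 23, or pass everything. */
int drop_telnet(struct pkt *p) { return p->proto == 6 && p->dport == 23; }
int pass_all(struct pkt *p) { (void)p; return 0; }

/* Stand-alone run: exit status 0 if the hooked path drops the telnet packet. */
int main(void) { struct pkt t = { 6, 23 }; hook_attach(drop_telnet); return ip_input_model(&t) != -1; }
```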



