From owner-freebsd-questions  Fri Sep 25 13:02:18 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id NAA00758
          for freebsd-questions-outgoing; Fri, 25 Sep 1998 13:02:18 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA00658
          for <freebsd-questions@FreeBSD.ORG>; Fri, 25 Sep 1998 13:02:05 -0700 (PDT)
          (envelope-from julian@whistle.com)
Received: (from daemon@localhost)
	by alpo.whistle.com (8.8.5/8.8.5) id MAA16733;
	Fri, 25 Sep 1998 12:53:24 -0700 (PDT)
Received: from current1.whistle.com(207.76.205.22)
 via SMTP by alpo.whistle.com, id smtpdv16729; Fri Sep 25 19:53:20 1998
Date: Fri, 25 Sep 1998 12:53:16 -0700 (PDT)
From: Julian Elischer <julian@whistle.com>
To: Mark Riehl <mriehl@sarnoff.mitre.org>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Divert Socket?
In-Reply-To: <Pine.LNX.3.96.980924095530.22327E-100000@sarnoff.mitre.org>
Message-ID: <Pine.BSF.3.95.980925125040.5003E-100000@current1.whistle.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

if you need to read packets on the wire that are not going through your
machine, then you need bpf(4) and tcpdump(1)

if you need to INTERCEPT (and possibly modify) packets coming through your
machine you can use ipfw with divert.

If you want to REDIRECT packets then you can use ipfw and FWD.
(but that is trickier)

julian


On Thu, 24 Sep 1998, Mark Riehl wrote: 

> Guys,
> 
> I would like to get some suggestions on how to solve a problem.  I'm going
> to be connected via PPP to a Solaris X86 machine that will be sending out
> both UDP and TCP traffic.
> 
> If I know the ports (for both the TCP and UDP), can I intercept the
> traffic using a divert socket under FreeBsd 2.2.6?  Do I need to use both ipfw
> and natd?
> 
> If someone has a sample or instructions that they can point me to, I would
> really appreciate it.
> 
> Thanks,
> Mark
> 
> --
> Mark Riehl
> The MITRE Corporation
> mriehl@mitre.org
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message