From: Adrian Penisoara
Date: Wed, 20 Aug 2008 23:34:20 +0200 (CEST)
To: Javier Ubillos
Cc: freebsd-net@freebsd.org
Subject: Re: Override default ICMP (and other protocols) default replies.

Hi,

On Wed, 20 Aug 2008, Javier Ubillos wrote:

> Hi freebsd-net.
> (Sorry for cross posting. This time I think I found the right forum for
> my question)
>
> I'm implementing a NAT (1 ip - 1 ip) like router. (it's not actually
> NAT, but it's a good analogy for this case).
>
> I have chosen to use pcaplib to pick up the packets. I have an
> implementation which picks up the packets, inspects them, rewrites the
> destination/source ip-addresses and sends them out on the respective
> interface.

Umm, this is going parallel to the real network stack. Why not try to
"hijack" the packets from the kernel to the userland process with a
feature like divert in ipfw(8)?

>
> The problem I'm facing however is that my interfaces are answering to
> e.g. icmp-echo (ping) automatically, and I don't know how to turn this
> behaviour off.

This is a normal TCP/IP network stack feature in the kernel. You may
also find that connecting to one of the open ports on the machine will
trigger a similar effect. You need to cut off that packet before
entering the upper network application layer in the kernel -- see
suggestion above.

Regards,
Adrian.