From owner-freebsd-net@FreeBSD.ORG Sat Nov 9 20:14:12 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id CEC684A1; Sat, 9 Nov 2013 20:14:12 +0000 (UTC) (envelope-from jilingshu@gmail.com) Received: from mail-qa0-x22b.google.com (mail-qa0-x22b.google.com [IPv6:2607:f8b0:400d:c00::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7C66620E7; Sat, 9 Nov 2013 20:14:12 +0000 (UTC) Received: by mail-qa0-f43.google.com with SMTP id cm18so690137qab.2 for ; Sat, 09 Nov 2013 12:14:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=46G+SDq1T8KkR0ItUh4kzgZuP63wSZiS/X4XQ+MXBJU=; b=d0/gfcV8m5YqBwQXK/NuofGl8xkKAp3CbdZ2j+kdpnULIXgLUcLoDqmq41Q+WZJaui vQjxUH3cmRykDxb3x4Vm3JJaZlD7GjQJy01aCp8fAndal+MdJLmFsBZKjaSKTi9WdgQW yZQUjsrezIQaoJ2AKqhgfvjBhxxVSUY1Ze/PjmIOd9nMTxwH5DZ5fpAjFzT1N70VdEH0 7AS0EI2r3Wii0Hz0N3PIr9bo//+HtFIYBHxrdTxbgO3WhsoeB9/Z/SQ59w+mHSxBQ8eU wDQ5jAmsiAeqp8EGHc31v6MDwqenJgEbVG/RBuNYeQc9r5iyZePVBgYNzBRvpDuijndX K4SA== X-Received: by 10.49.108.135 with SMTP id hk7mr33460438qeb.33.1384028051619; Sat, 09 Nov 2013 12:14:11 -0800 (PST) Received: from [172.16.99.106] (stjhnf0148w-142162175108.dhcp-dynamic.fibreop.nl.bellaliant.net. [142.162.175.108]) by mx.google.com with ESMTPSA id l5sm37896178qac.12.2013.11.09.12.14.10 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 09 Nov 2013 12:14:11 -0800 (PST) Message-ID: <527E9791.3070301@Gmail.com> Date: Sat, 09 Nov 2013 16:44:09 -0330 From: Bear User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: Rozhuk.IM@gmail.com, 'Gleb Smirnoff' Subject: Re: ng_patch and 802.11Q References: <527C799D.8020208@Gmail.com> <20131108215210.GH7577@FreeBSD.org> <527DDFEA.9050001@Gmail.com> <527e4926.aa1d700a.02d7.fffff457@mx.google.com> In-Reply-To: <527e4926.aa1d700a.02d7.fffff457@mx.google.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Nov 2013 20:14:13 -0000 Hi all, I did a test, it seems ng_ether will capture after removing VLAN tag? > sudo nghook -a em0: lower > 0000: xx xx xx xx xx xx yy yy yy yy yy yy 08 00 45 00 .9D...........E. em0 is the parent interface of all VLAN, and data sent from this interface is ALWAYS tagged. If I run tcpdump: > tcpdump -i em0 -e -n -vv > 142.162.175.108.12401 > xxx.xxx.xxx.xxx.14875: [udp sum ok] UDP, length 59 > 09:43:04.576023 xx:xx:xx:xx:xx:xx > yy:yy:yy:yy:yy:yy, ethertype 802.1Q (0x8100), length 58: vlan 35, p 0, ethertype IPv4, (tos 0x0, ttl 126, id 5184, offset 0, flags [DF], proto TCP (6), length 40) I can see the packet has VLAN tag. How can I obtain raw Ethernet frame with 802.1Q header by netgraph? If I cannot get this, it will become impossible to modify the VLAN priority field. :-( On 2013/11/9 11:09 AM, rozhuk.im@gmail.com wrote: > http://www.netlab.linkpc.net/download/software/FreeBSD/mcastbridge/mcastbr2. > sh > http://www.netlab.linkpc.net/forum/index.php?topic=796.0 > > >> It seems a good idea... Do you have some example working on ng_ether? >> The manpage of ng_ether seems no example... >> >> On 11/8/2013 6:22 PM, Gleb Smirnoff wrote: >>> On Fri, Nov 08, 2013 at 02:11:49AM -0330, Bear wrote: >>> B> Hi all, >>> B> I want to modify VLAN priority by ng_patch. After reading the >>> B> manpage of >>> B> ng_patch(http://www.freebsd.org/cgi/man.cgi?query=ng_patch) and >> the >>> B> example it given: >>> B> >>> B> > /usr/sbin/ngctl -f- <<-SEQ >>> B> > mkpeer ipfw: patch 200 in >>> B> > name ipfw:200 ttl_add >>> B> > msg ttl_add: setconfig { count=1 csum_flags=1 ops=[ \ >>> B> > { mode=2 value=3 length=1 offset=8 } ] } >>> B> > SEQ >>> B> > /sbin/ipfw add 150 netgraph 200 ip from any to >>> B> simplex.remote.net >>> B> >>> B> It seems ng_patch can only modify IP header. However, the position >>> B> of VLAN header is before IP header and after Ethernet header. How >>> B> can I modify it? >>> >>> ipfw allows you to intercept packets at IP layer. Tp modify VLAN >>> header, you need to capture them earlier. May be ng_ether(4) will >> help you. >>> > > > >