From owner-freebsd-net@FreeBSD.ORG Fri Dec 22 16:22:15 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 32E5916A403 for ; Fri, 22 Dec 2006 16:22:15 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.freebsd.org (Postfix) with ESMTP id 0826113C457 for ; Fri, 22 Dec 2006 16:22:10 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from localhost (localhost [127.0.0.1]) by pi.codefab.com (Postfix) with ESMTP id 21E215EDD; Fri, 22 Dec 2006 11:04:07 -0500 (EST) X-Virus-Scanned: amavisd-new at codefab.com Received: from pi.codefab.com ([127.0.0.1]) by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Df9Qy2RC7y3n; Fri, 22 Dec 2006 11:04:03 -0500 (EST) Received: from [192.168.1.251] (pool-68-161-114-230.ny325.east.verizon.net [68.161.114.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by pi.codefab.com (Postfix) with ESMTP id 3EE355C0F; Fri, 22 Dec 2006 11:04:03 -0500 (EST) Message-ID: <458C01EA.3080207@mac.com> Date: Fri, 22 Dec 2006 11:03:54 -0500 From: Chuck Swiger User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) MIME-Version: 1.0 To: =?ISO-8859-1?Q?Fabr=EDcio_Barros_Cabral?= References: <1166802209.7642.17.camel@hades.no-ip.org> In-Reply-To: <1166802209.7642.17.camel@hades.no-ip.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-net@freebsd.org Subject: Re: Intercepting a packet, changing it and re-injecting into the network X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Dec 2006 16:22:15 -0000 Fabrício Barros Cabral wrote: > Hello everybody! > > I'm developing a network application which needs *to intercept* a packet > (not just *copy* a packet, like libpcap does), move this packet into my > application (userland), do some checking in the packet and according > with some heuristics, the application may change the payload and > re-inject the modified packet into the network. Note that sometimes, > I'll change the payload, drop the packet or just let it go. > > So, how can a I do that in FreeBSD? I can use 6.1, 7.1, any version. Use IPFW plus a divert socket, or possibly netgraph. See the sources for natd for an example of a userland app which intercepts and re-injects packets, possibly modified... -- -Chuck