From: Eygene Ryabinkin
To: Fabrício Barros Cabral
Cc: freebsd-net@freebsd.org
Date: Fri, 22 Dec 2006 19:08:13 +0300
Subject: Re: Intercepting a packet, changing it and re-injecting into the network
Message-ID: <20061222160812.GB31089@codelabs.ru>
In-Reply-To: <1166802209.7642.17.camel@hades.no-ip.org>

Fabricio, good day!

> I'm developing a network application which needs *to intercept* a packet
> (not just *copy* a packet, like libpcap does), move this packet into my
> application (userland), do some checking in the packet and according
> with some heuristics, the application may change the payload and
> re-inject the modified packet into the network. Note that sometimes,
> I'll change the payload, drop the packet or just let it go.
>
> So, how can I do that in FreeBSD? I can use 6.1, 7.1, any version.

Probably you should read the divert(4) manual page and the ipfw(8)
manual, looking for the 'divert' directive. A good example of your
application is /sbin/natd. The aforementioned facilities are present
in FreeBSD at least since 4.x.
-- 
Eygene
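
A minimal divert(4) consumer of the kind the reply points to, as an added example that is not part of the original message and is not natd's code. The ipfw rule, port 8668, and the TTL-raising policy in `inspect()` are assumptions chosen for illustration; the socket calls follow the classic divert(4) interface.

```c
/* Added example. Assumed rule: ipfw add 100 divert 8668 ip from any to any in */
#include <stdint.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

enum verdict { PASS, DROP, MODIFIED };
#define MIN_TTL     64      /* hypothetical policy value */
#define DIVERT_PORT 8668    /* must match the ipfw rule (assumed) */

/* RFC 1071 checksum over an IPv4 header whose checksum field is zeroed. */
uint16_t ip_cksum(const uint8_t *h, size_t hlen)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hlen; i += 2) sum += (uint32_t)h[i] << 8 | h[i + 1];
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Hypothetical policy: drop malformed IPv4, raise low TTLs, pass the rest. */
enum verdict inspect(uint8_t *p, size_t len)
{
    if (len < 20 || p[0] >> 4 != 4) return DROP;
    size_t hlen = (size_t)(p[0] & 0x0f) * 4, tot = (size_t)p[2] << 8 | p[3];
    if (hlen < 20 || hlen > len || tot < hlen || tot > len) return DROP;
    if (p[8] >= MIN_TTL) return PASS;
    p[8] = MIN_TTL; p[10] = p[11] = 0;   /* edit, then zero the checksum field */
    uint16_t c = ip_cksum(p, hlen);      /* recompute so the header stays valid */
    p[10] = c >> 8; p[11] = c & 0xff;
    return MODIFIED;
}

int main(void)
{
#ifdef IPPROTO_DIVERT                    /* FreeBSD; see divert(4) */
    static uint8_t buf[65535];
    struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(DIVERT_PORT) };
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    if (s < 0 || bind(s, (struct sockaddr *)&sin, sizeof sin) < 0) return 1;
    for (;;) {
        socklen_t sl = sizeof sin;
        ssize_t n = recvfrom(s, buf, sizeof buf, 0, (struct sockaddr *)&sin, &sl);
        if (n < 0) return 1;
        /* Not writing a packet back drops it; reusing sin keeps its direction. */
        if (inspect(buf, (size_t)n) != DROP)
            sendto(s, buf, (size_t)n, 0, (struct sockaddr *)&sin, sl);
    }
#endif
    return 0;
}
```

Changing the TCP or UDP payload, as the question asks, additionally requires recomputing the transport-layer checksum, which this example does not do.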