From owner-freebsd-net@FreeBSD.ORG  Thu May  2 03:28:58 2013
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 28645950
 for <freebsd-net@freebsd.org>; Thu,  2 May 2013 03:28:58 +0000 (UTC)
 (envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
 by mx1.freebsd.org (Postfix) with ESMTP id F3DD011C2
 for <freebsd-net@freebsd.org>; Thu,  2 May 2013 03:28:57 +0000 (UTC)
Received: from jre-mbp.elischer.org
 (ppp121-45-237-17.lns20.per1.internode.on.net [121.45.237.17])
 (authenticated bits=0)
 by vps1.elischer.org (8.14.5/8.14.5) with ESMTP id r423SqGN018386
 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
 Wed, 1 May 2013 20:28:54 -0700 (PDT)
 (envelope-from julian@freebsd.org)
Message-ID: <5181DD6F.3090404@freebsd.org>
Date: Thu, 02 May 2013 11:28:47 +0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8;
 rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: Barney Cordoba <barney_cordoba@yahoo.com>
Subject: Re: Capture packets before kernel process
References: <1367450023.38176.YahooMailClassic@web121605.mail.ne1.yahoo.com>
In-Reply-To: <1367450023.38176.YahooMailClassic@web121605.mail.ne1.yahoo.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-net@freebsd.org, wind@sourcearmory.com
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2013 03:28:58 -0000

On 5/2/13 7:13 AM, Barney Cordoba wrote:
> --- On Tue, 4/30/13, wind@sourcearmory.com <wind@sourcearmory.com> wrote:
>
>> From: wind@sourcearmory.com <wind@sourcearmory.com>
>> Subject: Capture packets before kernel process
>> To: freebsd-net@freebsd.org
>> Date: Tuesday, April 30, 2013, 11:24 AM
>> Hi!
>>
>> I need some help, currently I'm working in a project where I
>> want to capture and process some network packets before the
>> kernel. I have searched but I have found nothing.
>>
>> Is there some way to capture the packets before the kernel
>> ?
> You want to wedge your code to the if_input routine. Then pass the mbuf
> to the original if_input routine.
there is a netgraph hook there.

man netgraph
>
> BC
>
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>