From owner-freebsd-net  Wed Nov 20 11:55:30 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6E94F37B401
	for <freebsd-net@freebsd.org>; Wed, 20 Nov 2002 11:55:29 -0800 (PST)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3F7F143E91
	for <freebsd-net@freebsd.org>; Wed, 20 Nov 2002 11:55:28 -0800 (PST)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.12.6/8.12.5) with SMTP id gAKJtJBF054649;
	Wed, 20 Nov 2002 14:55:19 -0500 (EST)
	(envelope-from robert@fledge.watson.org)
Date: Wed, 20 Nov 2002 14:55:19 -0500 (EST)
From: Robert Watson <rwatson@freebsd.org>
X-Sender: robert@fledge.watson.org
To: soheil soheil <soheil_hh@hotmail.com>
Cc: freebsd-net@freebsd.org
Subject: Re: Q. about sockets
In-Reply-To: <F71uLn5U9T3TGJ2TUSz0001cdc2@hotmail.com>
Message-ID: <Pine.NEB.3.96L.1021120145144.44513O-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org


On Wed, 20 Nov 2002, soheil soheil wrote:

> Can i use raw socket for get all of the TCP/IP packet travels through my
> PC like this ? 
> 
> in -------->MyGW                  MyGW------> out
>              |                     |
>               -----> MySocket -----

Generally, no -- there are a number of approaches you can take addressing
the problem you're talking about, but it depends a lot on what you need
the solution to do.  If you definitely want a userland solution, one place
to start looking is at DIVERT sockets.  This is used by the userland nat
daemon (natd(8)) to intercept packets along a route or going in/out an
interface.  Take a look at divert(4) for more general information on the
divert notion.  I've used IPDIVERT in a number of situations to write
filtering applications at the IP level.  I've also used BPF to write
userland applications to perform filtering at the link layer by writing a
simple bridging application.  Depending on what you're trying to
accomplish, you might also be interested in the ipfw "fwd" command, which
allows you to intercept TCP connections, which you can then hook up to a
new TCP connection created by a proxy application.  ipfw(8) contains some
information about connection "fwd"s.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message