From owner-freebsd-net@FreeBSD.ORG  Thu Mar 25 03:00:12 2004
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0E6C116A4D2
	for <freebsd-net@freebsd.org>; Thu, 25 Mar 2004 03:00:12 -0800 (PST)
Received: from artis.latnet.lv (artis.latnet.lv [159.148.107.4])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 862D943D41
	for <freebsd-net@freebsd.org>; Thu, 25 Mar 2004 03:00:11 -0800 (PST)
	(envelope-from ac-lists@latnet.lv)
Received: from artis.latnet.lv (localhost [127.0.0.1])
	by artis.latnet.lv (Postfix) with ESMTP id E187CC0CB
	for <freebsd-net@freebsd.org>; Thu, 25 Mar 2004 13:00:09 +0200 (EET)
To: freebsd-net@freebsd.org
References: <BAY16-F67kxJ5zHQE7m00017300@hotmail.com>
	<40599ACA.1040506@netli.com> <BAY16-DAV23SUIwMw8l00002ee7@hotmail.com>
Message-ID: <opr5ezij2ocpfy5d@mail.latnet.lv>
From: Artis Caune <ac-lists@latnet.lv>
Organization: Latnet
Content-Type: text/plain; format=flowed; charset=utf-8
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Date: Thu, 25 Mar 2004 13:00:09 +0200
In-Reply-To: <BAY16-DAV23SUIwMw8l00002ee7@hotmail.com>
User-Agent: Opera7.23/FreeBSD M2 build 518
Subject: Re: BSD Packet filter hook,
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2004 11:00:12 -0000

on 4.x you can replace IPFilter hook:
...
int
my_hook (const struct ip *ip, int ip_hl, struct ifnet *ifp, int out, 
struct mbuf **m)
{
    /* drop all ;) */
    m_freem(*m);
    *m = NULL;
    return 1;
}

/* on load */
fr_checkp = my_hook;
/* on unload */
rf_checkp = NULL;
...



on 5.x (>501108) there is pfil(9) hooks:
...
int
my_hook (void *arg, struct mbuf **m, struct ifnet *ifp, int dir)
{
    /* drop all ;) */
    m_freem(*m);
    *m = NULL;
    return 1;
}

struct pfil_head *pfh_inet;
pfh_inet = pfil_head_get (PFIL_TYPE_AF, AF_INET);
if (pfh_inet == NULL)
    return EINVAL;

/* on load */
pfil_add_hook(my_hook, NULL, PFIL_IN | PFIL_OUT, pfh_inet);
/* on unload */
pfil_remove_hook(my_hook, NULL, PFIL_IN | PFIL_OUT, pfh_inet);
...



-- 
Artis

On Thu, 25 Mar 2004 11:29:23 +0100, Fuhua Yin <fuhuayin@hotmail.com> wrote:

> Dear friends,
>
> Are there anyone who know about how to use BSD Packet filter hook?,
> something like netfilter in linux. But I need to find one for FreeBSD.
>
> Many thanks  IN Advance,
> fuhua
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"