Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 9 Dec 2013 13:30:53 +0400
From:      Victor Gamov <vit@euro-comm.net>
To:        Sami Halabi <sodynet1@gmail.com>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Netgraph ng_patch and ng_input: where to find packets?
Message-ID:  <D84A0C0F-F443-4AB9-B0FB-43D1D829EC29@euro-comm.net>
In-Reply-To: <CAEW%2BogYbzXfN=JB7ozYC686iR6vbNMwehVJ7vcJUT60cfNUkJw@mail.gmail.com>
References:  <ED66CBAA-575E-4823-9AEE-4A44FEF6AB01@euro-comm.net> <5293E3E7.6090604@freebsd.org> <B2B699D8-0BD8-451F-8685-C7B8C56AA7F0@euro-comm.net> <F39CFDF7-0772-488D-9DB9-350AEC495884@euro-comm.net> <CAEW%2BogZNpqzxAYMArqa8jkb=O1OipKo9jYQ90iZq=0pxqPY=TQ@mail.gmail.com> <52A493F1.6040700@freebsd.org> <CAEW%2BogYbzXfN=JB7ozYC686iR6vbNMwehVJ7vcJUT60cfNUkJw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 


On 09Dec, 2013, at 11:36, Sami Halabi wrote:

> Hi,

Hi Sami

> Actually following the ng_patch the following worked for me (using 9.2-R -amd64):

Yes, ng_patch works fine for me too.  Then ng_input works too because I see patched packets at ipfw.  But this packets does not appears on outgoing interface.

Now I haven't machine for future testing, but I'll do more tests on upcoming 10.0-R because I want to use 10.0 for my project.


> kldload ng_patch
> kldload ng_ipfw
> /usr/sbin/ngctl -f- << SEQ
>                  mkpeer ipfw: patch 300 in
>                  name ipfw:300 src_dst_chg
>                  msg src_dst_chg: setconfig { count=2 csum_flags=1 ops=[         \
>                          { mode=1 value=0xc0a8e609 length=4 offset=12 }  \
>                          { mode=1 value=0xc0a8e680 length=4 offset=16 } ] }
>          SEQ
> /sbin/ipfw add 600 netgraph 300 log ip from any to 239.0.0.19 dst-port 1234 in via vlan999
> 
> Sami
> 
> 
> On Sun, Dec 8, 2013 at 5:44 PM, Julian Elischer <julian@freebsd.org> wrote:
> On 12/8/13, 6:43 PM, Sami Halabi wrote:
> Hi Gamov,
> Have got this to work?
> If so would share configurations?
> 
> Thanks in advance,
> Sami
> בתאריך 29 בנוב 2013 19:28, "Victor Gamov" <vit@euro-comm.net> כתב:
> 
> 
> 
> if not then the way to track it it to put a breakpoint on the netgraph node that handles the packet and just single step through until you see where the packet goes..
> kdb would give you a decent idea but a second machine (or a virtual machine) with kgdb would really show you what's going on.

--
С уважением,
Гамов Виктор

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D84A0C0F-F443-4AB9-B0FB-43D1D829EC29>