From: James Housley
To: freebsd-net@FreeBSD.org
Date: Mon, 14 Jun 2004 13:28:06 -0400
Subject: Re: Using netgraph for filtering/modifing packets
Message-ID: <40CDE026.3040502@Thehousleys.net>

Julian Elischer wrote:
>
> On Mon, 14 Jun 2004, James Housley wrote:
>
>>For testing of a product I would like to be able to modify or even drop
>>packets based on their content.  What I have in mind is forcing the
>>packets through a firewall that would redirect all packets to a netgraph
>>node that would either pass unchanged, drop or change the contents to
>>assist in testing some corner cases in the code.
>>
>>1) is this something doable with netgraph, I believe it is.
>
> yes
>
>>2) what might be a good place to start?  Have done some searching, but
>>haven't found any example code I thought I could start from.
>
> What sort of filter do you need?
>
> you can pass packets to netgraph from ipfw by diverting them and
> opening a divert socket with the ksocket node..
>
> Or you can pick them directly from the network interface
> and filter yourself using the 'bpf' node type to select
> on something.
> or you can use the etf type of node to filter on a particular
> ethertype..
>
> there are a lot of options but I don't know your application enough :-)
>

I have a product that is connected to a PC via Ethernet.  The product
runs FBSD, but I would likely put another FBSD box in the middle.  I
want to be able to modify packets for good and evil based on the data
portion of the packet.  For example to occasionally drop a packet that is
acking some command.  Or send an ack for a command that was never sent.
Or just change data to be invalid.  Then after messing with the data
portion put it back in the queue to be sent, if it wasn't just dropped.

Jim

-- 
/"\   ASCII Ribbon Campaign  .
\ /   - NO HTML/RTF in e-mail  .
 X    - NO Word docs in e-mail .
/ \ -----------------------------------------------------------------
jeh@FreeBSD.org      http://www.FreeBSD.org      The Power to Serve
jim@TheHousleys.Net  http://www.TheHousleys.net
---------------------------------------------------------------------
"Eagles may soar, but weasels don't get sucked into jet engines" -- Anon
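
The pass/drop/change decision described in the message, as an added example that is not part of the original post and not netgraph code: a per-packet verdict function that a divert-socket reader or a custom node could call on a test bench. It assumes the product speaks UDP over IPv4 and that acknowledgements start with a constructed `ACK` payload prefix; every name in it is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum verdict { V_PASS, V_DROP, V_MODIFIED };

struct rule {                   /* hypothetical rule, not a netgraph structure */
    const char *prefix;         /* payload prefix that selects a packet */
    unsigned every_nth, seen;   /* act on every Nth match (0 = never); matches so far */
    int corrupt;                /* 0 = drop, 1 = make the data invalid */
};

/* Return the UDP payload of an IPv4 datagram, or NULL if absent or truncated. */
static uint8_t *udp_payload(uint8_t *pkt, size_t len, size_t *plen)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return NULL;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    unsigned frag_off = ((unsigned)(pkt[6] & 0x1f) << 8) | pkt[7];
    /* protocol 17 = UDP; non-first fragments carry no UDP header */
    if (ihl < 20 || len < ihl + 8 || pkt[9] != 17 || frag_off != 0) return NULL;
    size_t ulen = ((size_t)pkt[ihl + 4] << 8) | pkt[ihl + 5];
    if (ulen < 8 || ihl + ulen > len) return NULL;
    *plen = ulen - 8;
    return pkt + ihl + 8;
}

enum verdict apply_rule(struct rule *r, uint8_t *pkt, size_t len)
{
    size_t plen, n = strlen(r->prefix);
    uint8_t *p = udp_payload(pkt, len, &plen);
    if (p == NULL || plen == 0 || plen < n || memcmp(p, r->prefix, n) != 0)
        return V_PASS;                      /* not a packet this rule selects */
    if (r->every_nth == 0 || ++r->seen % r->every_nth != 0)
        return V_PASS;                      /* selected, but not this time */
    if (!r->corrupt)
        return V_DROP;                      /* caller simply does not forward it */
    p[plen - 1] ^= 0xff;                    /* flip the last payload byte */
    p[-2] = p[-1] = 0;  /* UDP checksum 0 means "none" over IPv4, so the receiving
                           stack still hands the damaged data to the application */
    return V_MODIFIED;
}

/* Constructed sample: IPv4 header, UDP header (length 13), payload "ACK 7". */
size_t sample_packet(uint8_t *buf)
{
    static const uint8_t pkt[33] = { 0x45,0,0,33, 0,0,0,0, 64,17,0,0, 10,0,0,1,
        10,0,0,2, 0x13,0x88,0x13,0x88, 0,13,0xbe,0xef, 'A','C','K',' ','7' };
    memcpy(buf, pkt, sizeof pkt);
    return sizeof pkt;
}
```

The caller forwards the buffer on `V_PASS` and `V_MODIFIED` and discards it on `V_DROP`; a TCP-based product would need the checksum recomputed rather than zeroed.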