From owner-freebsd-net@FreeBSD.ORG Tue Feb 3 16:17:27 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A81D16A4CF for ; Tue, 3 Feb 2004 16:17:27 -0800 (PST) Received: from sccrmhc12.comcast.net (sccrmhc12.comcast.net [204.127.202.56]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7E8DB43D31 for ; Tue, 3 Feb 2004 16:17:23 -0800 (PST) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([24.7.73.28]) by comcast.net (sccrmhc12) with ESMTP id <2004020400172201200d0k4oe>; Wed, 4 Feb 2004 00:17:22 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA91248; Tue, 3 Feb 2004 16:17:20 -0800 (PST) Date: Tue, 3 Feb 2004 16:17:19 -0800 (PST) From: Julian Elischer To: Andriy Korud In-Reply-To: <1075843764.402012b4561da@isp.polynet.lviv.ua> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: Dominik Lupinski Subject: Re: Changing TOS of forwarded packets? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Feb 2004 00:17:27 -0000 here's a suggestion.. I have not done this but it might work: use ipfw to send sessions that match to a divert socket at port X. use netgraph ng_ksocket to connect to the divert port you selected above. Use a variant of the node given to hack the TOC value.. (he's looking at ethernet packets where you would be looking at IP packets so it won't work directly). Hmmm having fiddled the packets we'd need to reinject them to a socket.. we could reinject them to teh same socket (we'd need to use a 'tee' node as follows: [divert]<--->[ksocket]<---->[tee]---->[hack]----\ ^ | \ | ----------------/ OR you could open another divert ksocket [divert]<--->[ksocket]<---->[tee]---->[hack]---->[ksocket]-->[divert] (the divert socket will always feed back into the IP stack.) On Tue, 3 Feb 2004, Andriy Korud wrote: > Thanks, but I'm looking for some solution that'd allow me to modify TOS of the > packets that match some filter rule, so I think I have to modify ipfilter > code. > > Andriy > > > On Tue, Feb 03, 2004 at 06:46:18PM +0200, Andriy Korud wrote: > > > > Hello, > > > > > Hi, my question is simple - is it possible to set TOS value of forwarded > > packets > > > using ipfw, ipfilter or other magic on FreeBSD 4-STABLE? > > > > As far as I know there is nothing official for this purposes (hope someone > > will correct me if I am wrong). This is why I started to design something > > on my own. My little goodie is a netgraph node for packet mangling in its > > early stage. I *just* got it to work and it is tested now. Seems to work > > properly for me. However, it was written and used only on FreeBSD-5.2-R > > and > > I'am not sure about diffrences in netgraph implementation in STABLE. > > > > Nevertheless, if noone suggests better sollution you may want to give it a > > try. Bear in mind it's early stage, though. There you can reach it: > > > > http://venus.wsb-nlu.edu.pl/~dlupinsk/ng_mangle/ > > > > regards, > > Dominik Lupinski > > > > > > Ps. Any feedback appreciated. > > -- > > "...they build you up only to tear you down." > > > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >