Date: Sat, 01 Nov 2014 15:38:33 +0330
From: Hooman Fazaeli <hoomanfazaeli@gmail.com>
To: Ian Smith <smithi@nimnet.asn.au>
Cc: freebsd-net@freebsd.org, Mark Felder <feld@freebsd.org>
Subject: Re: transparent udp proxy
Message-ID: <5454CD41.9010704@gmail.com>
In-Reply-To: <20141101035050.R52402@sola.nimnet.asn.au>
References: <54535B82.405@gmail.com> <1414764053.1422501.185543329.39B66970@webmail.messagingengine.com> <5453A3F0.7010706@gmail.com> <20141101035050.R52402@sola.nimnet.asn.au>

On 10/31/2014 8:30 PM, Ian Smith wrote:
> On Fri, 31 Oct 2014 18:30:00 +0330, Hooman Fazaeli wrote:
> > On 10/31/2014 5:30 PM, Mark Felder wrote:
> > > I'm not sure if this is what you're looking for, but perhaps the
> > > solution is in net/samplicator ?
> > >
> > > From the project's website:
> > >
> > > This simple program listens for UDP datagrams on a network port, and
> > > sends copies of these datagrams on to a set of destinations. Optionally,
> > > it can perform sampling, i.e. rather than forwarding every packet,
> > > forward only 1 in N. Another option is that it can "spoof" the IP source
> > > address, so that the copies appear to come from the original source,
> > > rather than the relay. Currently only supports IPv4.
> >
> > Thanks. I do not think it provides what I am looking for.
> >
> > I am not looking for an application performing a specific task, but a
> > mechanism to get the __original__ destination address and port of
> > packets forwarded to a local UDP proxy by ipfw fwd rules. As I
> > figured it out until now, the original destination address may be
> > obtained by IP_RECVDSTADDR on 9.0+ (but not on 8.x and older
> > versions) but there seems to be no mechanism to get the _original_
> > destination _port_ (Apart from this missing mechanism, my proxy is
> > functional and performs what it is intended to do).
> > : ipfw add 10 fwd localhost,7000 udp from any to any recv em1
>
> Given these are local packets and that ipfw(8) /fwd states:
>
> The fwd action does not change the contents of the packet at all.
> In particular, the destination address remains unmodified, so
> packets forwarded to another system will usually be rejected by
> that system unless there is a matching rule on that system to
> capture them. For packets forwarded locally, the local address
> of the socket will be set to the original destination address of
> the packet. This makes the netstat(1) entry look rather weird
> but is intended for use with transparent proxy servers.

For FreeBSDs before 9.0, that description is only correct for TCP packets.
For 9.0+, it is true for both UDP and TCP. Old kernels (before 9.0) change
the destination of UDP packets forwarded to a local address to the
forwarded-to address and port (those specified in the fwd rule).

> Has the destination port in the received packet been changed to 7000?
>
> If not, you're all set. If so, where else could the dst port be stored?
>
> cheers, Ian

There is no way to get the destination port. That is the problem.
recvmsg(2) only returns source address+port and destination IP address
(on 9.0+).

--
Best regards.
Hooman Fazaeli
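
The recvmsg(2) / IP_RECVDSTADDR mechanism discussed in this message, as an added example that is not part of the original e-mail or of any poster's proxy code: it reads the destination IP of a UDP datagram from the ancillary data, which, as the message says, carries the address but no destination port. The function names `enable_dstaddr` and `recv_with_dst` are hypothetical, and the IP_PKTINFO branch is an assumption added only so the file also builds on Linux.

```c
/* Added example: read a UDP datagram's destination IP from recvmsg(2)
 * ancillary data. FreeBSD delivers it as an IP_RECVDSTADDR control message
 * holding a struct in_addr; the IP_PKTINFO branch is a Linux build fallback. */
#define _GNU_SOURCE            /* Linux only: exposes struct in_pktinfo */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include <unistd.h>

#ifdef IP_RECVDSTADDR
#define DST_OPT     IP_RECVDSTADDR
#define DST_ADDR(c) (*(struct in_addr *)CMSG_DATA(c))
#else
#define DST_OPT     IP_PKTINFO
#define DST_ADDR(c) (((struct in_pktinfo *)CMSG_DATA(c))->ipi_addr)
#endif

/* Ask the kernel to attach the destination address to every datagram. */
int enable_dstaddr(int s) {
    int on = 1;
    return setsockopt(s, IPPROTO_IP, DST_OPT, &on, sizeof(on));
}

/* Receive one datagram. Fills *src (peer address and port) and *dst
 * (destination IP only). Returns the payload length, or -1 on error,
 * on truncated control data, or when no destination cmsg was delivered. */
ssize_t recv_with_dst(int s, void *buf, size_t len,
                      struct sockaddr_in *src, struct in_addr *dst) {
    union { struct cmsghdr align; char buf[256]; } ctl;
    struct iovec iov = { .iov_base = buf, .iov_len = len };
    struct msghdr msg = { .msg_name = src, .msg_namelen = sizeof(*src),
                          .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf,
                          .msg_controllen = sizeof(ctl.buf) };
    ssize_t n = recvmsg(s, &msg, 0);

    if (n < 0 || (msg.msg_flags & MSG_CTRUNC))
        return -1;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c; c = CMSG_NXTHDR(&msg, c)) {
        if (c->cmsg_level == IPPROTO_IP && c->cmsg_type == DST_OPT) {
            *dst = DST_ADDR(c);
            return n;
        }
    }
    return -1;
}
```

Call `enable_dstaddr()` once on the proxy's UDP socket before the first `recv_with_dst()`; datagrams queued before the option is set may arrive without the control message.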