Date: Wed, 20 May 1998 20:22:33 -0700 From: Mike Smith <mike@smith.net.au> To: "L.C." <lc001@yahoo.com> Cc: Mike Smith <mike@smith.net.au>, freebsd-hackers@FreeBSD.ORG Subject: Re: Questions about Packet Filter Message-ID: <199805210322.UAA00447@antipodes.cdrom.com> In-Reply-To: Your message of "Wed, 20 May 1998 13:48:10 PDT." <19980520204810.7890.rocketmail@send1c.yahoomail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Thanks a lot Mike. > > Are these BPF alike devices capable of "intercept" packages passing > through them? > > I mean is it possible that after it intercepts the outgoing package it > can modify the package contents(e.g. destination port) and inject into > NIC? No - you receive a copy of a packet that has passed by sometime previously. As people have already mentioned, you sound like you need the divert(4) functionality. Note that, to the best of my knowledge, none of the other systems that you mentioned offer this functionality - for all of these you need to add kernel-internal compontents. If you want to study how it's done for Solaris/NetBSD/FreeBSD, you can look at Darren Reed's ipfilter tool, which is an in-kernel firewall for these platforms. -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805210322.UAA00447>