From owner-freebsd-hackers@FreeBSD.ORG Mon Feb 1 13:26:10 2010 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9980410656E9 for ; Mon, 1 Feb 2010 13:26:10 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 742A28FC1E for ; Mon, 1 Feb 2010 13:26:10 +0000 (UTC) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id 18EF146B17; Mon, 1 Feb 2010 08:26:10 -0500 (EST) Date: Mon, 1 Feb 2010 13:26:09 +0000 (GMT) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Lukasz Jaroszewski In-Reply-To: <3930e0781002010302r3758968cl5f010bd7a585cca4@mail.gmail.com> Message-ID: References: <3930e0781002010302r3758968cl5f010bd7a585cca4@mail.gmail.com> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="621616949-2020675623-1265030770=:23174" Cc: freebsd-hackers@freebsd.org Subject: Re: PFIL: how to get tcp/ip fields from mbuf X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2010 13:26:10 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --621616949-2020675623-1265030770=:23174 Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8BIT On Mon, 1 Feb 2010, Lukasz Jaroszewski wrote: > I am wondering about most elegant and proper way to get IP header fields > from mbuf, using PFILs. I have read Murat Balaban paper on PFIL_HOOKS where > I found some example function. Question is how can I access IP header field > in such manner. The best reference here is probably firewall source code that already exists in the tree. For IP-layer hooks, you'll need to use the m_pullup() call to ensure the bytes you want are contiguously stored, and then mtod() to cast the mbuf pointer appropriately. Although I notice ipfw, at least, doesn't call m_pullup() for the base header, as it assumes the calling context will already have arranged for it to be contiguous: static int ipfw_check_hook(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir, struct inpcb *inp) { ... if (mtod(*m0, struct ip *)->ip_v == 4) ret = ip_dn_io_ptr(m0, dir, &args); ... Robert > > static int > hisar_chkinput(void *arg, struct mbuf **m, struct ifnet *ifp, int dir, > struct inpcb *inp) > { > in_bytes += (*m)->m_len; > return 0; > } > Regards > LVJ. > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > --621616949-2020675623-1265030770=:23174--