From owner-freebsd-net  Sat Apr  6 21:28:28 2002
Delivered-To: freebsd-net@freebsd.org
Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38])
	by hub.freebsd.org (Postfix) with ESMTP id DC15537B400
	for <freebsd-net@FreeBSD.ORG>; Sat,  6 Apr 2002 21:28:24 -0800 (PST)
Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc51.attbi.com
          (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP
          id <20020407052824.YQMW18078.rwcrmhc51.attbi.com@blossom.cjclark.org>;
          Sun, 7 Apr 2002 05:28:24 +0000
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.6) id g375SNe71336;
	Sat, 6 Apr 2002 21:28:23 -0800 (PST)
	(envelope-from cjc)
Date: Sat, 6 Apr 2002 21:28:22 -0800
From: "Crist J. Clark" <cjc@FreeBSD.ORG>
To: Nick Rogness <nick@rogness.net>
Cc: "Matthew D. Fuller" <fullermd@over-yonder.net>,
	Alex Rousskov <rousskov@measurement-factory.com>,
	freebsd-net@FreeBSD.ORG
Subject: Re: Forcing packets to the wire
Message-ID: <20020406212822.G70207@blossom.cjclark.org>
References: <20020405222555.C65380@over-yonder.net> <Pine.BSF.4.21.0204061322160.12246-100000@cody.jharris.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.21.0204061322160.12246-100000@cody.jharris.com>; from nick@rogness.net on Sat, Apr 06, 2002 at 01:57:44PM -0600
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

On Sat, Apr 06, 2002 at 01:57:44PM -0600, Nick Rogness wrote:
> On Fri, 5 Apr 2002, Matthew D. Fuller wrote:
> 
> > On Fri, Apr 05, 2002 at 06:48:09PM -0600 I heard the voice of
> > Nick Rogness, and lo! it spake thus:
> > > On Fri, 5 Apr 2002, Alex Rousskov wrote:
> > > >
> > > > 	- Is it possible without kernel modifications? How?
> > > 
> > > 	AFAIK, No.  Your only 2 possiblities that I could think of would
> > > 	be to use policy routing or natd.  Both will fail in this case.
> > 
> > You MIGHT be able to use ipfw divert/pipe rules to somehow shove the
> > packets into a program on their way out, and write a program that
> > would use raw sockets to hand-assemble the IP datagram on the way out;
> > I'm not sure if the kernel would try to outsmart you on that.
> 
> 	Yeh, I thought of that. The problem is packets never leave
> 	anywhere since the route for the other NIC is not "OUT" any
> 	interface...it is the machine itself.

Then never go over a _physical_ inteface, but they _do_ cross an
interface, lo0, the internal loopback.

  ipfw fwd <external gateway> ip from <ip_if0> to <ip_if1> in via lo0

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message