Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 21 May 1998 16:36:19 -0700
From:      Mike Smith <mike@smith.net.au>
To:        "L.C." <lc001@yahoo.com>
Cc:        hackers@FreeBSD.ORG
Subject:   Re: Questions about Packet Filter 
Message-ID:  <199805212336.QAA05440@antipodes.cdrom.com>
In-Reply-To: Your message of "Thu, 21 May 1998 11:06:13 PDT." <19980521180613.19279.rocketmail@send1d.yahoomail.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
> Many thanks to all the knowledgeable people for the valuable
> information. I will read the book you mentioned, try the methods you
> suggested and do more research on these.
> 
> Ever developed the drivers about two years ago to intercept the
> packages in the link layer(NDIS in Windows...) and just finished a
> project to intercept the data stream in the socket level(LSP in
> WinSock2)I need to port all these Windows codes to possible UNIX
> platforms. I've done some UNIX programming in both kernel and
> application levels before but never played BPF or DLPI rationales. I
> do have further questions:
> 
> 1. Are the ipfilter tools using divert() function that Mike and Dan
> mentioned available in somewhere? 

ipfilter is Darren Reed's in-kernel firewall product.

divert(4) is a FreeBSD-native feature.  It is not, to the best of my
knowledge, emulated by anything else.

> 2. So, there is no any way, tool, or utility can intercept the data
> flowing in the socket level(like LSP in WinSock2)? Any plan about this?

Under FreeBSD, divert(4) is your friend.  Others have made suggestions 
for other systems.

-- 
\\  Sometimes you're ahead,       \\  Mike Smith
\\  sometimes you're behind.      \\  mike@smith.net.au
\\  The race is long, and in the  \\  msmith@freebsd.org
\\  end it's only with yourself.  \\  msmith@cdrom.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805212336.QAA05440>