Message-Id: <199805212336.QAA05440@antipodes.cdrom.com>
To: "L.C."
cc: hackers@FreeBSD.ORG
Subject: Re: Questions about Packet Filter
In-reply-to: Your message of "Thu, 21 May 1998 11:06:13 PDT." <19980521180613.19279.rocketmail@send1d.yahoomail.com>
Date: Thu, 21 May 1998 16:36:19 -0700
From: Mike Smith
Sender: owner-freebsd-hackers@FreeBSD.ORG

> Many thanks to all the knowledgeable people for the valuable
> information. I will read the book you mentioned, try the methods you
> suggested and do more research on these.
>
> Ever developed the drivers about two years ago to intercept the
> packages in the link layer (NDIS in Windows...) and just finished a
> project to intercept the data stream in the socket level (LSP in
> WinSock2) I need to port all these Windows codes to possible UNIX
> platforms. I've done some UNIX programming in both kernel and
> application levels before but never played BPF or DLPI rationales. I
> do have further questions:
>
> 1. Are the ipfilter tools using divert() function that Mike and Dan
> mentioned available in somewhere?

ipfilter is Darren Reed's in-kernel firewall product. divert(4) is a
FreeBSD-native feature. It is not, to the best of my knowledge,
emulated by anything else.

> 2. So, there is no any way, tool, or utility can intercept the data
> flowing in the socket level (like LSP in WinSock2)? Any plan about this?

Under FreeBSD, divert(4) is your friend. Others have made suggestions
for other systems.

--
\\ Sometimes you're ahead,       \\ Mike Smith
\\ sometimes you're behind.      \\ mike@smith.net.au
\\ The race is long, and in the  \\ msmith@freebsd.org
\\ end it's only with yourself.  \\ msmith@cdrom.com