From owner-freebsd-hackers@FreeBSD.ORG Wed Oct 15 02:41:39 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CCBAC1065686 for ; Wed, 15 Oct 2008 02:41:39 +0000 (UTC) (envelope-from alancyang@gmail.com) Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.30]) by mx1.freebsd.org (Postfix) with ESMTP id 7FE708FC14 for ; Wed, 15 Oct 2008 02:41:39 +0000 (UTC) (envelope-from alancyang@gmail.com) Received: by yw-out-2324.google.com with SMTP id 9so603207ywe.13 for ; Tue, 14 Oct 2008 19:41:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=5EqdjOsZVNqrHQuGGCs+2nupF8MLtxWnfXPaI2gOLUM=; b=kduOWOuu/il2wmvydLBQQ9fBJ56fj3GfrwqHtulL6nm1dsfKJ2nLsLi+HBzbMzemlj +fSa9NQ8AKDGayurp8+qGPmt5k8le/ZZxaH/G8HEb0So3r8qcBSbRIlaD7I3ihfcbjtU j5Xij+/51yeGwxl+MS0Sr9pLsbVGSSqb/0IKg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=r5+IJI1VFVMQ45RX4qPyeZ5CusPvfrEoaCCaBSwgNm6l+PGKRl4l3cVa/HSBB42UmP 3helkBTxm8B9dVQDTGqgWOkWQAOqKo3qhsSVb7xdA9bTfQAt7VX72dUA+42jIB75JwaR ooidcigp7UVA8fluWrbDb+JG2E8x3VQmfTek8= Received: by 10.150.134.21 with SMTP id h21mr927685ybd.181.1224038498711; Tue, 14 Oct 2008 19:41:38 -0700 (PDT) Received: by 10.150.191.21 with HTTP; Tue, 14 Oct 2008 19:41:38 -0700 (PDT) Message-ID: <290865fd0810141941l7c63a8e6l1c9c4839518c9ac8@mail.gmail.com> Date: Tue, 14 Oct 2008 19:41:38 -0700 From: "alan yang" To: "Max Laier" In-Reply-To: <200810150302.03949.max@love2party.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <290865fd0810141747l39b80e2ao329c8212061a67c1@mail.gmail.com> <200810150302.03949.max@love2party.net> Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Subject: Re: tracing pf code X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Oct 2008 02:41:39 -0000 yes, exact. thanks a lot! On Tue, Oct 14, 2008 at 6:02 PM, Max Laier wrote: > On Wednesday 15 October 2008 02:47:46 alan yang wrote: >> hello, >> >> for pf port on freebsd, i would like to trace the packet flow, looking >> at from ether_input -> etiher_demux -> ip_input -> tcp_input where / >> how pf handles / process the packet. >> >> can people shed some lights where to start. really appreciate. > > ps hooks into the pfil(9) hook point in ip[6]_{in,out}put(). Look for calls > to "pfil_run_hooks" in the code. From there the call proceeds to the hook > functions defined in pf_ioctl.c pf_check_{in,out}[6]. > > The processing inside pf is best understood by looking at the following chart: > http://homepage.mac.com/quension/pf/flow.png > > Is this the information you are looking for? > > -- > /"\ Best regards, | mlaier@freebsd.org > \ / Max Laier | ICQ #67774661 > X http://pf4freebsd.love2party.net/ | mlaier@EFnet > / \ ASCII Ribbon Campaign | Against HTML Mail and News >