Date: Mon, 24 Apr 2006 21:05:15 -0700 (PDT) From: Kelly Yancey <kbyanc@posi.net> To: Amit Mondal <amit.freebsd@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: freeBSD /ipfw/ divert socket Message-ID: <20060424210235.T44267@gateway.posi.net> In-Reply-To: <a6cf19a10604202244q40dd981dq66b56f435ee245c8@mail.gmail.com> References: <a6cf19a10604202244q40dd981dq66b56f435ee245c8@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Send mail to mime@docserver.cac.washington.edu for more info.
--0-900672489-1145937915=:44267
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Fri, 21 Apr 2006, Amit Mondal wrote:
> Hi All,
>
> I need a little help with FreeBSD Kernel stuff. I wanna use Divert Socket to
> sniff IP packet in FreeBSD.
> For that I have compiled the kernel with options IPDIVERT and everything is
> ok.
>
> Now, when I am not really sniffing and re-injecting the packet back to the
> network stack, it is basically dropping all the packets. But I want it
> pass-through it, when no application is reading at divert socket. My
> question is, HOW CAN I MAKE IT PASS-THROUGH? IF NO APPLICATION IS READING
> FROM DIVERT SOCKET, IT SHOULD WORK AS IF THERE IS NO DIVERT SOCKET.
>
> Thanks in adavnce
>
> Rgds
> Amit
>
Attached is a really old patch I made against FreeBSD 4.7. It might
apply to 4.9. Even if it doesn't, it should give you a pretty good idea
how to implement the functionality you desire.
Kelly
--
Kelly Yancey - kbyanc@{posi.net,FreeBSD.org} - kelly@nttmcl.com
FreeBSD, The Power To Serve: http://www.freebsd.org/
--0-900672489-1145937915=:44267
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="ipfw2-fwd.diff"
Content-Transfer-Encoding: BASE64
Content-ID: <20060424210515.G44267@gateway.posi.net>
Content-Description:
Content-Disposition: attachment; filename="ipfw2-fwd.diff"
SW5kZXg6IGlwX2Z3Mi5jDQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQpSQ1Mg
ZmlsZTogL2hvbWUvY3ZzL2Fjcy9iYXNlL3NyYy9zeXMvbmV0aW5ldC9pcF9m
dzIuYyx2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuOQ0KcmV0cmlldmluZyBy
ZXZpc2lvbiAxLjExDQpkaWZmIC11IC1wIC1yMS45IC1yMS4xMQ0KLS0tIGlw
X2Z3Mi5jCTMgSmFuIDIwMDMgMjM6MzQ6MTkgLTAwMDAJMS45DQorKysgaXBf
ZncyLmMJOCBKYW4gMjAwMyAwNjoxNDo0OCAtMDAwMAkxLjExDQpAQCAtNTgw
LDE3ICs1ODAsMTcgQEAgaXBmd19sb2coc3RydWN0IGlwX2Z3ICpmLCB1X2lu
dCBobGVuLCBzdA0KIAl9DQogCWlmIChvaWYgfHwgbS0+bV9wa3RoZHIucmN2
aWYpDQogCQlsb2coTE9HX1NFQ1VSSVRZIHwgTE9HX0lORk8sDQotCQkgICAg
ImlwZnc6ICVkICVzICVzICVzIHZpYSAlcyVkJXNcbiIsDQorCQkgICAgImlw
Znc6ICVkICVzICVzICVzIHZpYSAlcyVkJXMgKGxheWVyICVkKVxuIiwNCiAJ
CSAgICBmID8gZi0+cnVsZW51bSA6IC0xLA0KIAkJICAgIGFjdGlvbiwgcHJv
dG8sIG9pZiA/ICJvdXQiIDogImluIiwNCiAJCSAgICBvaWYgPyBvaWYtPmlm
X25hbWUgOiBtLT5tX3BrdGhkci5yY3ZpZi0+aWZfbmFtZSwNCiAJCSAgICBv
aWYgPyBvaWYtPmlmX3VuaXQgOiBtLT5tX3BrdGhkci5yY3ZpZi0+aWZfdW5p
dCwNCi0JCSAgICBmcmFnbWVudCk7DQorCQkgICAgZnJhZ21lbnQsIGVoID8g
MiA6IDMpOw0KIAllbHNlDQogCQlsb2coTE9HX1NFQ1VSSVRZIHwgTE9HX0lO
Rk8sDQotCQkgICAgImlwZnc6ICVkICVzICVzIFtubyBpZiBpbmZvXSVzXG4i
LA0KKwkJICAgICJpcGZ3OiAlZCAlcyAlcyBbbm8gaWYgaW5mb10lcyAobGF5
ZXIgJWQpXG4iLA0KIAkJICAgIGYgPyBmLT5ydWxlbnVtIDogLTEsDQotCQkg
ICAgYWN0aW9uLCBwcm90bywgZnJhZ21lbnQpOw0KKwkJICAgIGFjdGlvbiwg
cHJvdG8sIGZyYWdtZW50LCBlaCA/IDIgOiAzKTsNCiAJaWYgKGxpbWl0X3Jl
YWNoZWQpDQogCQlsb2coTE9HX1NFQ1VSSVRZIHwgTE9HX05PVElDRSwNCiAJ
CSAgICAiaXBmdzogbGltaXQgJWQgcmVhY2hlZCBvbiBlbnRyeSAlZFxuIiwN
CkBAIC0xOTM5LDggKzE5MzksMTAgQEAgY2hlY2tfYm9keToNCiAJCQkJZ290
byBkb25lOw0KIA0KIAkJCWNhc2UgT19GT1JXQVJEX0lQOg0KLQkJCQlpZiAo
YXJncy0+ZWgpCS8qIG5vdCB2YWxpZCBvbiBsYXllcjIgcGt0cyAqLw0KLQkJ
CQkJYnJlYWs7DQorCQkJCWlmIChhcmdzLT5laCAmJiBvaWYgIT0gTlVMTCkg
ew0KKwkJCQkJLyogaWdub3JlIG91dGJvdW5kIGxheWVyMiBwa3RzICovDQor
CQkJCQlnb3RvIG5leHRfcnVsZTsNCisJCQkJfQ0KIAkJCQlpZiAoIXEgfHwg
ZHluX2RpciA9PSBNQVRDSF9GT1JXQVJEKQ0KIAkJCQkJYXJncy0+bmV4dF9o
b3AgPQ0KIAkJCQkJICAgICYoKGlwZndfaW5zbl9zYSAqKWNtZCktPnNhOw0K
SW5kZXg6IGlwX2lucHV0LmMNCj09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJD
UyBmaWxlOiAvaG9tZS9jdnMvYWNzL2Jhc2Uvc3JjL3N5cy9uZXRpbmV0L2lw
X2lucHV0LmMsdg0KcmV0cmlldmluZyByZXZpc2lvbiAxLjE0DQpyZXRyaWV2
aW5nIHJldmlzaW9uIDEuMTYNCmRpZmYgLXUgLXAgLXIxLjE0IC1yMS4xNg0K
LS0tIGlwX2lucHV0LmMJMyBKYW4gMjAwMyAwNDo0Njo1MyAtMDAwMAkxLjE0
DQorKysgaXBfaW5wdXQuYwk4IEphbiAyMDAzIDA2OjE2OjA2IC0wMDAwCTEu
MTYNCkBAIC0zNjksOCArMzY5LDE4IEBAIGlwX2lucHV0KHN0cnVjdCBtYnVm
ICptKQ0KIAkJY2FzZSBQQUNLRVRfVEFHX0lQRk9SV0FSRDoNCiAJCQlhcmdz
Lm5leHRfaG9wID0gKHN0cnVjdCBzb2NrYWRkcl9pbiAqKW0tPm1faGRyLm1o
X2RhdGE7DQogCQkJYnJlYWs7DQorCQljYXNlIFBBQ0tFVF9UQUdfSVBGT1JX
QVJEIHwgTV9QUk9UTzU6IHsNCisJCQkvKiBYWFggVGhpcyBzaG91bGQgYmUg
dGFrZW4gb3V0IGFuZCBzaG90ISAqLw0KKwkJCXN0cnVjdCBtYnVmICp0YWcg
PSBtOw0KKwkJCW0gPSBtLT5tX25leHQ7DQorCQkJYXJncy5uZXh0X2hvcCA9
IChzdHJ1Y3Qgc29ja2FkZHJfaW4gKil0YWctPm1faGRyLm1oX2RhdGE7DQor
CQkJbV9mcmVlKHRhZyk7DQorCQkJS0FTU0VSVChtLT5tX3R5cGUgIT0gTVRf
VEFHLCAoIlhYWCBraWxsIG1lIikpOw0KKwkJCWdvdG8gcG9zdHRhZ3M7DQor
CQkJfQ0KIAkJfQ0KIAl9DQorcG9zdHRhZ3M6DQogDQogCUtBU1NFUlQobSAh
PSBOVUxMICYmIChtLT5tX2ZsYWdzICYgTV9QS1RIRFIpICE9IDAsDQogCSAg
ICAoImlwX2lucHV0OiBubyBIRFIiKSk7DQpJbmRleDogaWZfZXRoZXJzdWJy
LmMNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJDUyBmaWxlOiAvaG9tZS9j
dnMvYWNzL2Jhc2Uvc3JjL3N5cy9uZXQvaWZfZXRoZXJzdWJyLmMsdg0KcmV0
cmlldmluZyByZXZpc2lvbiAxLjkNCnJldHJpZXZpbmcgcmV2aXNpb24gMS4x
MQ0KZGlmZiAtdSAtcCAtcjEuOSAtcjEuMTENCi0tLSBpZl9ldGhlcnN1YnIu
YwkzIEphbiAyMDAzIDA0OjQwOjA2IC0wMDAwCTEuOQ0KKysrIGlmX2V0aGVy
c3Vici5jCTggSmFuIDIwMDMgMDY6MTY6MDUgLTAwMDAJMS4xMQ0KQEAgLTUw
MSw3ICs1MDEsNyBAQCBldGhlcl9pcGZ3X2NoayhzdHJ1Y3QgbWJ1ZiAqKm0w
LCBzdHJ1Y3QgDQogCWFyZ3Mub2lmID0gZmxhZ3MgJiBFVEhFUl9JUEZXX09V
VFBVVCA/IGlmcCA6IE5VTEw7DQogCWFyZ3MuZGl2ZXJ0X3J1bGUgPSBkaXZl
cnRfcnVsZTsNCiAJYXJncy5ydWxlID0gKnJ1bGU7CS8qIG1hdGNoaW5nIHJ1
bGUgdG8gcmVzdGFydAkJKi8NCi0JYXJncy5uZXh0X2hvcCA9IE5VTEw7CS8q
IHdlIGRvIG5vdCBzdXBwb3J0IGZvcndhcmQgeWV0CSovDQorCWFyZ3MubmV4
dF9ob3AgPSBOVUxMOwkvKiBJUEZPUldBUkQJCQkJKi8NCiAJYXJncy5laCA9
ICZzYXZlX2VoOwkvKiBNQUMgaGVhZGVyIGZvciBicmlkZ2VkL01BQyBwYWNr
ZXRzCSovDQogCWkgPSBpcF9md19jaGtfcHRyKCZhcmdzKTsNCiAJKm0wID0g
YXJncy5tOw0KQEAgLTUxMCw3ICs1MTAsNyBAQCBldGhlcl9pcGZ3X2Noayhz
dHJ1Y3QgbWJ1ZiAqKm0wLCBzdHJ1Y3QgDQogCWlmICggKGkgJiBJUF9GV19Q
T1JUX0RFTllfRkxBRykgfHwgKm0wID09IE5VTEwpIC8qIGRyb3AgKi8NCiAJ
CXJldHVybiAwOw0KIA0KLQlpZiAoaSA9PSAwKSAvKiBhIFBBU1MgcnVsZS4g
ICovDQorCWlmIChpID09IDAgJiYgYXJncy5uZXh0X2hvcCA9PSBOVUxMKSAv
KiBhIFBBU1MgcnVsZS4gICovDQogCQlyZXR1cm4gMTsNCiANCiAJaWYgKERV
TU1ZTkVUX0xPQURFRCAmJiAoaSAmIElQX0ZXX1BPUlRfRFlOVF9GTEFHKSkg
ew0KQEAgLTU4OSw2ICs1ODksMzYgQEAgZXRoZXJfaXBmd19jaGsoc3RydWN0
IG1idWYgKiptMCwgc3RydWN0IA0KIA0KIAkJLyogSWYgJ3RlZScsIGNvbnRp
bnVlIHdpdGggb3JpZ2luYWwgcGFja2V0ICovDQogCQlyZXR1cm4gKGNsb25l
ICE9IE5VTEwpOw0KKwl9DQorI2VuZGlmDQorDQorI2lmZGVmIElORVQNCisJ
LyoNCisJICogSVBGSVJFV0FMTF9GT1JXQVJEDQorCSAqDQorCSAqIFhYWCBP
bmx5IHN1cHBvcnQgSVAgZm9yd2FyZGluZyBkdXJpbmcgaW4tYm91bmQgcHJv
Y2Vzc2luZy4NCisJICovDQorCWlmIChpID09IDAgJiYgYXJncy5uZXh0X2hv
cCAhPSBOVUxMICYmIGFyZ3Mub2lmID09IE5VTEwpIHsNCisJCS8qDQorCQkg
KiBQYWNrZXQgbXVzdCBiZSBJUCB0byBtYXRjaCBhbiBJUCBmb3J3YXJkIHJ1
bGUuICBUYWcgaXQgYW5kDQorCQkgKiBwYXNzIGl0IGFsb25nIHRvIGlwX2lu
cHV0KCkgZm9yIHByb2Nlc3NpbmcuDQorCQkgKiBYWFggUmVsaWVzIG9uIG5v
dGhpbmcgaW4gdGhlIG5ldGlzciBwcm9jZXNzaW5nIGV4YW1pbmluZw0KKwkJ
ICogICAgIHRoZSBsZWFkaW5nIG1idWYgYXMgaXQncyBvdXIgdGFnIHJhdGhl
ciB0aGFuIGEgcHJvcGVyDQorCQkgKiAgICAgcGFja2V0IGhlYWRlci4NCisJ
CSAqIFhYWCBUaGlzIGlzIHByZXR0eSBleHBlbnNpdmUgKGFuZCB1Z2x5ISku
ICBUaGlzIGNhbiBiZQ0KKwkJICogICAgIGNsZWFuZWQgdXAgdXNpbmcgLWN1
cnJlbnQncyBwYWNrZXQgdGFnZ2luZy4NCisJCSAqLw0KKwkJc3RydWN0IG1i
dWYgKnRhZzsNCisNCisJCU1HRVRIRFIodGFnLCBNX0RPTlRXQUlULCBNVF9U
QUcpOw0KKwkJdGFnLT5tX2hkci5taF9mbGFncyA9IFBBQ0tFVF9UQUdfSVBG
T1JXQVJEIHwgTV9QUk9UTzU7IC8qIEhhY2shICovDQorCQl0YWctPm1faGRy
Lm1oX2RhdGEgPSAoY2FkZHJfdClhcmdzLm5leHRfaG9wOw0KKwkJdGFnLT5t
X2hkci5taF9uZXh0ID0gKm0wOw0KKw0KKwkJc2NoZWRuZXRpc3IoTkVUSVNS
X0lQKTsNCisJCSh2b2lkKSBJRl9IQU5ET0ZGKCZpcGludHJxLCB0YWcsIE5V
TEwpOw0KKwkJKm0wID0gTlVMTDsNCisJCXJldHVybiAwOw0KIAl9DQogI2Vu
ZGlmDQogDQo=
--0-900672489-1145937915=:44267--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060424210235.T44267>