From owner-freebsd-net@FreeBSD.ORG Tue Apr 25 02:57:16 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15AA016A401 for ; Tue, 25 Apr 2006 02:57:16 +0000 (UTC) (envelope-from kbyanc@posi.net) Received: from ylpvm12.prodigy.net (ylpvm12-ext.prodigy.net [207.115.57.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C3F343D48 for ; Tue, 25 Apr 2006 02:57:15 +0000 (GMT) (envelope-from kbyanc@posi.net) Received: from pimout7-ext.prodigy.net (pimout7-int.prodigy.net [207.115.4.147]) by ylpvm12.prodigy.net (8.12.10 outbound/8.12.10) with ESMTP id k3P2v4bJ024947 for ; Mon, 24 Apr 2006 22:57:04 -0400 X-ORBL: [70.231.132.141] Received: from gateway.posi.net (adsl-70-231-132-141.dsl.snfc21.sbcglobal.net [70.231.132.141]) by pimout7-ext.prodigy.net (8.13.6 out.dk/8.13.6) with ESMTP id k3P2vCI3028264; Mon, 24 Apr 2006 22:57:13 -0400 Received: from localhost (localhost [127.0.0.1]) by gateway.posi.net (Postfix) with ESMTP id 48CB275E05F; Mon, 24 Apr 2006 21:05:16 -0700 (PDT) Date: Mon, 24 Apr 2006 21:05:15 -0700 (PDT) From: Kelly Yancey To: Amit Mondal In-Reply-To: Message-ID: <20060424210235.T44267@gateway.posi.net> References: MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-900672489-1145937915=:44267" Cc: freebsd-net@freebsd.org Subject: Re: freeBSD /ipfw/ divert socket X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Apr 2006 02:57:16 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-900672489-1145937915=:44267 Content-Type: TEXT/PLAIN; charset=US-ASCII On Fri, 21 Apr 2006, Amit Mondal wrote: > Hi All, > > I need a little help with FreeBSD Kernel stuff. I wanna use Divert Socket to > sniff IP packet in FreeBSD. > For that I have compiled the kernel with options IPDIVERT and everything is > ok. > > Now, when I am not really sniffing and re-injecting the packet back to the > network stack, it is basically dropping all the packets. But I want it > pass-through it, when no application is reading at divert socket. My > question is, HOW CAN I MAKE IT PASS-THROUGH? IF NO APPLICATION IS READING > FROM DIVERT SOCKET, IT SHOULD WORK AS IF THERE IS NO DIVERT SOCKET. > > Thanks in adavnce > > Rgds > Amit > Attached is a really old patch I made against FreeBSD 4.7. It might apply to 4.9. Even if it doesn't, it should give you a pretty good idea how to implement the functionality you desire. Kelly -- Kelly Yancey - kbyanc@{posi.net,FreeBSD.org} - kelly@nttmcl.com FreeBSD, The Power To Serve: http://www.freebsd.org/ --0-900672489-1145937915=:44267 Content-Type: TEXT/PLAIN; charset=US-ASCII; name="ipfw2-fwd.diff" Content-Transfer-Encoding: BASE64 Content-ID: <20060424210515.G44267@gateway.posi.net> Content-Description: Content-Disposition: attachment; filename="ipfw2-fwd.diff" SW5kZXg6IGlwX2Z3Mi5jDQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQpSQ1Mg ZmlsZTogL2hvbWUvY3ZzL2Fjcy9iYXNlL3NyYy9zeXMvbmV0aW5ldC9pcF9m dzIuYyx2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuOQ0KcmV0cmlldmluZyBy ZXZpc2lvbiAxLjExDQpkaWZmIC11IC1wIC1yMS45IC1yMS4xMQ0KLS0tIGlw X2Z3Mi5jCTMgSmFuIDIwMDMgMjM6MzQ6MTkgLTAwMDAJMS45DQorKysgaXBf ZncyLmMJOCBKYW4gMjAwMyAwNjoxNDo0OCAtMDAwMAkxLjExDQpAQCAtNTgw LDE3ICs1ODAsMTcgQEAgaXBmd19sb2coc3RydWN0IGlwX2Z3ICpmLCB1X2lu dCBobGVuLCBzdA0KIAl9DQogCWlmIChvaWYgfHwgbS0+bV9wa3RoZHIucmN2 aWYpDQogCQlsb2coTE9HX1NFQ1VSSVRZIHwgTE9HX0lORk8sDQotCQkgICAg ImlwZnc6ICVkICVzICVzICVzIHZpYSAlcyVkJXNcbiIsDQorCQkgICAgImlw Znc6ICVkICVzICVzICVzIHZpYSAlcyVkJXMgKGxheWVyICVkKVxuIiwNCiAJ CSAgICBmID8gZi0+cnVsZW51bSA6IC0xLA0KIAkJICAgIGFjdGlvbiwgcHJv dG8sIG9pZiA/ICJvdXQiIDogImluIiwNCiAJCSAgICBvaWYgPyBvaWYtPmlm X25hbWUgOiBtLT5tX3BrdGhkci5yY3ZpZi0+aWZfbmFtZSwNCiAJCSAgICBv aWYgPyBvaWYtPmlmX3VuaXQgOiBtLT5tX3BrdGhkci5yY3ZpZi0+aWZfdW5p dCwNCi0JCSAgICBmcmFnbWVudCk7DQorCQkgICAgZnJhZ21lbnQsIGVoID8g MiA6IDMpOw0KIAllbHNlDQogCQlsb2coTE9HX1NFQ1VSSVRZIHwgTE9HX0lO Rk8sDQotCQkgICAgImlwZnc6ICVkICVzICVzIFtubyBpZiBpbmZvXSVzXG4i LA0KKwkJICAgICJpcGZ3OiAlZCAlcyAlcyBbbm8gaWYgaW5mb10lcyAobGF5 ZXIgJWQpXG4iLA0KIAkJICAgIGYgPyBmLT5ydWxlbnVtIDogLTEsDQotCQkg ICAgYWN0aW9uLCBwcm90bywgZnJhZ21lbnQpOw0KKwkJICAgIGFjdGlvbiwg cHJvdG8sIGZyYWdtZW50LCBlaCA/IDIgOiAzKTsNCiAJaWYgKGxpbWl0X3Jl YWNoZWQpDQogCQlsb2coTE9HX1NFQ1VSSVRZIHwgTE9HX05PVElDRSwNCiAJ CSAgICAiaXBmdzogbGltaXQgJWQgcmVhY2hlZCBvbiBlbnRyeSAlZFxuIiwN CkBAIC0xOTM5LDggKzE5MzksMTAgQEAgY2hlY2tfYm9keToNCiAJCQkJZ290 byBkb25lOw0KIA0KIAkJCWNhc2UgT19GT1JXQVJEX0lQOg0KLQkJCQlpZiAo YXJncy0+ZWgpCS8qIG5vdCB2YWxpZCBvbiBsYXllcjIgcGt0cyAqLw0KLQkJ CQkJYnJlYWs7DQorCQkJCWlmIChhcmdzLT5laCAmJiBvaWYgIT0gTlVMTCkg ew0KKwkJCQkJLyogaWdub3JlIG91dGJvdW5kIGxheWVyMiBwa3RzICovDQor CQkJCQlnb3RvIG5leHRfcnVsZTsNCisJCQkJfQ0KIAkJCQlpZiAoIXEgfHwg ZHluX2RpciA9PSBNQVRDSF9GT1JXQVJEKQ0KIAkJCQkJYXJncy0+bmV4dF9o b3AgPQ0KIAkJCQkJICAgICYoKGlwZndfaW5zbl9zYSAqKWNtZCktPnNhOw0K SW5kZXg6IGlwX2lucHV0LmMNCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJD UyBmaWxlOiAvaG9tZS9jdnMvYWNzL2Jhc2Uvc3JjL3N5cy9uZXRpbmV0L2lw X2lucHV0LmMsdg0KcmV0cmlldmluZyByZXZpc2lvbiAxLjE0DQpyZXRyaWV2 aW5nIHJldmlzaW9uIDEuMTYNCmRpZmYgLXUgLXAgLXIxLjE0IC1yMS4xNg0K LS0tIGlwX2lucHV0LmMJMyBKYW4gMjAwMyAwNDo0Njo1MyAtMDAwMAkxLjE0 DQorKysgaXBfaW5wdXQuYwk4IEphbiAyMDAzIDA2OjE2OjA2IC0wMDAwCTEu MTYNCkBAIC0zNjksOCArMzY5LDE4IEBAIGlwX2lucHV0KHN0cnVjdCBtYnVm ICptKQ0KIAkJY2FzZSBQQUNLRVRfVEFHX0lQRk9SV0FSRDoNCiAJCQlhcmdz Lm5leHRfaG9wID0gKHN0cnVjdCBzb2NrYWRkcl9pbiAqKW0tPm1faGRyLm1o X2RhdGE7DQogCQkJYnJlYWs7DQorCQljYXNlIFBBQ0tFVF9UQUdfSVBGT1JX QVJEIHwgTV9QUk9UTzU6IHsNCisJCQkvKiBYWFggVGhpcyBzaG91bGQgYmUg dGFrZW4gb3V0IGFuZCBzaG90ISAqLw0KKwkJCXN0cnVjdCBtYnVmICp0YWcg PSBtOw0KKwkJCW0gPSBtLT5tX25leHQ7DQorCQkJYXJncy5uZXh0X2hvcCA9 IChzdHJ1Y3Qgc29ja2FkZHJfaW4gKil0YWctPm1faGRyLm1oX2RhdGE7DQor CQkJbV9mcmVlKHRhZyk7DQorCQkJS0FTU0VSVChtLT5tX3R5cGUgIT0gTVRf VEFHLCAoIlhYWCBraWxsIG1lIikpOw0KKwkJCWdvdG8gcG9zdHRhZ3M7DQor CQkJfQ0KIAkJfQ0KIAl9DQorcG9zdHRhZ3M6DQogDQogCUtBU1NFUlQobSAh PSBOVUxMICYmIChtLT5tX2ZsYWdzICYgTV9QS1RIRFIpICE9IDAsDQogCSAg ICAoImlwX2lucHV0OiBubyBIRFIiKSk7DQpJbmRleDogaWZfZXRoZXJzdWJy LmMNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJDUyBmaWxlOiAvaG9tZS9j dnMvYWNzL2Jhc2Uvc3JjL3N5cy9uZXQvaWZfZXRoZXJzdWJyLmMsdg0KcmV0 cmlldmluZyByZXZpc2lvbiAxLjkNCnJldHJpZXZpbmcgcmV2aXNpb24gMS4x MQ0KZGlmZiAtdSAtcCAtcjEuOSAtcjEuMTENCi0tLSBpZl9ldGhlcnN1YnIu YwkzIEphbiAyMDAzIDA0OjQwOjA2IC0wMDAwCTEuOQ0KKysrIGlmX2V0aGVy c3Vici5jCTggSmFuIDIwMDMgMDY6MTY6MDUgLTAwMDAJMS4xMQ0KQEAgLTUw MSw3ICs1MDEsNyBAQCBldGhlcl9pcGZ3X2NoayhzdHJ1Y3QgbWJ1ZiAqKm0w LCBzdHJ1Y3QgDQogCWFyZ3Mub2lmID0gZmxhZ3MgJiBFVEhFUl9JUEZXX09V VFBVVCA/IGlmcCA6IE5VTEw7DQogCWFyZ3MuZGl2ZXJ0X3J1bGUgPSBkaXZl cnRfcnVsZTsNCiAJYXJncy5ydWxlID0gKnJ1bGU7CS8qIG1hdGNoaW5nIHJ1 bGUgdG8gcmVzdGFydAkJKi8NCi0JYXJncy5uZXh0X2hvcCA9IE5VTEw7CS8q IHdlIGRvIG5vdCBzdXBwb3J0IGZvcndhcmQgeWV0CSovDQorCWFyZ3MubmV4 dF9ob3AgPSBOVUxMOwkvKiBJUEZPUldBUkQJCQkJKi8NCiAJYXJncy5laCA9 ICZzYXZlX2VoOwkvKiBNQUMgaGVhZGVyIGZvciBicmlkZ2VkL01BQyBwYWNr ZXRzCSovDQogCWkgPSBpcF9md19jaGtfcHRyKCZhcmdzKTsNCiAJKm0wID0g YXJncy5tOw0KQEAgLTUxMCw3ICs1MTAsNyBAQCBldGhlcl9pcGZ3X2Noayhz dHJ1Y3QgbWJ1ZiAqKm0wLCBzdHJ1Y3QgDQogCWlmICggKGkgJiBJUF9GV19Q T1JUX0RFTllfRkxBRykgfHwgKm0wID09IE5VTEwpIC8qIGRyb3AgKi8NCiAJ CXJldHVybiAwOw0KIA0KLQlpZiAoaSA9PSAwKSAvKiBhIFBBU1MgcnVsZS4g ICovDQorCWlmIChpID09IDAgJiYgYXJncy5uZXh0X2hvcCA9PSBOVUxMKSAv KiBhIFBBU1MgcnVsZS4gICovDQogCQlyZXR1cm4gMTsNCiANCiAJaWYgKERV TU1ZTkVUX0xPQURFRCAmJiAoaSAmIElQX0ZXX1BPUlRfRFlOVF9GTEFHKSkg ew0KQEAgLTU4OSw2ICs1ODksMzYgQEAgZXRoZXJfaXBmd19jaGsoc3RydWN0 IG1idWYgKiptMCwgc3RydWN0IA0KIA0KIAkJLyogSWYgJ3RlZScsIGNvbnRp bnVlIHdpdGggb3JpZ2luYWwgcGFja2V0ICovDQogCQlyZXR1cm4gKGNsb25l ICE9IE5VTEwpOw0KKwl9DQorI2VuZGlmDQorDQorI2lmZGVmIElORVQNCisJ LyoNCisJICogSVBGSVJFV0FMTF9GT1JXQVJEDQorCSAqDQorCSAqIFhYWCBP bmx5IHN1cHBvcnQgSVAgZm9yd2FyZGluZyBkdXJpbmcgaW4tYm91bmQgcHJv Y2Vzc2luZy4NCisJICovDQorCWlmIChpID09IDAgJiYgYXJncy5uZXh0X2hv cCAhPSBOVUxMICYmIGFyZ3Mub2lmID09IE5VTEwpIHsNCisJCS8qDQorCQkg KiBQYWNrZXQgbXVzdCBiZSBJUCB0byBtYXRjaCBhbiBJUCBmb3J3YXJkIHJ1 bGUuICBUYWcgaXQgYW5kDQorCQkgKiBwYXNzIGl0IGFsb25nIHRvIGlwX2lu cHV0KCkgZm9yIHByb2Nlc3NpbmcuDQorCQkgKiBYWFggUmVsaWVzIG9uIG5v dGhpbmcgaW4gdGhlIG5ldGlzciBwcm9jZXNzaW5nIGV4YW1pbmluZw0KKwkJ ICogICAgIHRoZSBsZWFkaW5nIG1idWYgYXMgaXQncyBvdXIgdGFnIHJhdGhl ciB0aGFuIGEgcHJvcGVyDQorCQkgKiAgICAgcGFja2V0IGhlYWRlci4NCisJ CSAqIFhYWCBUaGlzIGlzIHByZXR0eSBleHBlbnNpdmUgKGFuZCB1Z2x5ISku ICBUaGlzIGNhbiBiZQ0KKwkJICogICAgIGNsZWFuZWQgdXAgdXNpbmcgLWN1 cnJlbnQncyBwYWNrZXQgdGFnZ2luZy4NCisJCSAqLw0KKwkJc3RydWN0IG1i dWYgKnRhZzsNCisNCisJCU1HRVRIRFIodGFnLCBNX0RPTlRXQUlULCBNVF9U QUcpOw0KKwkJdGFnLT5tX2hkci5taF9mbGFncyA9IFBBQ0tFVF9UQUdfSVBG T1JXQVJEIHwgTV9QUk9UTzU7IC8qIEhhY2shICovDQorCQl0YWctPm1faGRy Lm1oX2RhdGEgPSAoY2FkZHJfdClhcmdzLm5leHRfaG9wOw0KKwkJdGFnLT5t X2hkci5taF9uZXh0ID0gKm0wOw0KKw0KKwkJc2NoZWRuZXRpc3IoTkVUSVNS X0lQKTsNCisJCSh2b2lkKSBJRl9IQU5ET0ZGKCZpcGludHJxLCB0YWcsIE5V TEwpOw0KKwkJKm0wID0gTlVMTDsNCisJCXJldHVybiAwOw0KIAl9DQogI2Vu ZGlmDQogDQo= --0-900672489-1145937915=:44267--