Date: Fri, 22 Dec 2006 10:05:50 -0600 From: Brooks Davis <brooks@one-eyed-alien.net> To: Fabr?cio Barros Cabral <fxcabral@yahoo.com.br> Cc: freebsd-net@freebsd.org Subject: Re: Intercepting a packet, changing it and re-injecting into the network Message-ID: <20061222160550.GD47710@lor.one-eyed-alien.net> In-Reply-To: <1166802209.7642.17.camel@hades.no-ip.org> References: <1166802209.7642.17.camel@hades.no-ip.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--W5WqUoFLvi1M7tJE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 22, 2006 at 12:43:29PM -0300, Fabr?cio Barros Cabral wrote: > Hello everybody! >=20 > I'm developing a network application which needs *to intercept* a packet > (not just *copy* a packet, like libpcap does), move this packet into my > application (userland), do some checking in the packet and according > with some heuristics, the application may change the payload and > re-inject the modified packet into the network. Note that sometimes, > I'll change the payload, drop the packet or just let it go. >=20 > So, how can a I do that in FreeBSD? I can use 6.1, 7.1, any version. The feature you're looking for is divert(4) sockets. You use IPFW to decide which packets to divert to userland and can reinject them as needed. -- Brooks --W5WqUoFLvi1M7tJE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFFjAJeXY6L6fI4GtQRAqb/AKCt0s6N8YLucoERhtW65TesdZMy+ACgyN8T jmhHTlRYgRVLvV8kbShZU8Q= =KfkF -----END PGP SIGNATURE----- --W5WqUoFLvi1M7tJE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061222160550.GD47710>