Date: Fri, 15 Sep 2000 18:54:49 -0600 From: Ben Schumacher <webmaster@cyalchemy.com> To: Julian Elischer <julian@elischer.org> Cc: freebsd-net@freebsd.org Subject: Re: netgraph based MAC authentication Message-ID: <5.0.0.25.2.20000915183859.026c2310@pop.henshaw.net> In-Reply-To: <39C089D8.167EB0E7@elischer.org> References: <5.0.0.25.2.20000913221340.00a04950@pop.henshaw.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 01:18 AM 9/14/2000 -0700, Julian Elischer wrote:
>back to the ethernet inteface....
>in 5.x and 4.x (not sure about 3.x) the ethernet interface has
>upper and lower hooks..
>
>If you receive a packet on "lower", and it's ok, then pass it back to
>'upper'
>to continue on it's way.
>(and visa versa)
Alright, I have starting working on a daemon that connects to the upper and
lower hooks on my interface, and pulls the MAC address from the packet and
sends the packet on its way. This all seems to be working properly, most
of the time. The two problems I'm having right now is that ARP packets
don't seem to be forwarding correctly through my daemon and more
importantly, DHCP packets seem to cause kernel panics.
Basically my code is a slight modified version of nghook. Here's the
relavent portions:
while(1) {
fd_set rfds;
FD_ZERO(&rfds);
FD_SET(0, &rfds);
FD_SET(dsock, &rfds);
if (select(FD_SETSIZE, &rfds, NULL, NULL, NULL) < 0)
err(EX_OSERR, "select");
if (FD_ISSET(dsock, &rfds)) {
time_t now;
u_char buf[BUF_SIZE];
char ihook[NG_HOOKLEN+1];
char *ohook;
int rl;
if ((rl = NgRecvData(dsock,
buf, sizeof(buf), ihook)) < 0)
err(EX_OSERR, "read(hook)");
if (rl == 0)
errx(EX_OSERR, "read EOF from hook?!");
now = time(NULL);
printf("%ld: RECV - HOOK: %s, BYTES: %d "
"(SRC: %02x:%02x:%02x:%02x:%02x:%02x)\n",
now, ihook, rl,
buf[6], buf[7], buf[8],
buf[9], buf[10], buf[11]);
if (!strcmp(ihook, NG_SOCK_UHOOK_NAME)) {
ohook = NG_SOCK_LHOOK_NAME;
}
else if (!strcmp(ihook, NG_SOCK_LHOOK_NAME)) {
ohook = NG_SOCK_UHOOK_NAME;
}
else {
errx(EX_OSERR,
"data received on unknown hook?!");
}
if (NgSendData(dsock, ohook, buf, rl) < 0) {
err(EX_OSERR, "NgSendData(%s)", ohook);
}
now = time(NULL);
printf("%ld: SENT - HOOK: %s, BYTES: %d "
"(TAR: %02x:%02x:%02x:%02x:%02x:%02x)\n",
now, ohook, rl,
buf[0], buf[1], buf[2],
buf[3], buf[4], buf[5]);
}
}
Can anybody give me any insight as to why this might be having the problems
I mentioned above? I realize it might be better to do what I'm trying to
do as a node, but since I have little experience using mbuf's, and haven't
been able to figure out where MAC address are stored in these, I thought
this might be an easier way to do what I'm proposing.
Thanks in advance,
- Ben Schumacher
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.0.25.2.20000915183859.026c2310>