On Thu, 7 Nov 2002, Steve Tremblett wrote:
> I've been toying with the idea of tackling a Netgraph TCP/IP > implementation and want to hack out some skeleton netgraph nodes just > to feel things out and play around with parsing. I'm somewhat confused > on how to start. I'd like to be able to tinker as I go and I'd rather > not have to write 5000 lines of code and complete a mini-stack before > trying it out :) > > I'm in a bit of a bind. I want a sequence of ethernet frames to send > up through this framework. Hooking to ng_ether will give me this but I > am restricted to taking ALL frames (thus taking the machine offline) or > orphaned frames (where I will have to write some sort of traffic > generator to make frames of an invalid type). The third option here is > to hack ng_ether to deliver frames out the lower hook as well as up > into the kernel IP stack, thus giving me a complete stream without > taking the box offline. I've gotten libnet which seems to fit the bill > to generate any orphans I want, but making a stream of frames by hand > is a pain. Also look at ng_etf the ethertype filter.. it is designed to connect to an ether node and filter out packets with a particular ethertype. yuo could alter it to examine for a particular tcp port number too. > > I've read about ng_tee but haven't had an opportunity to play with it. > Could I hack together something like this for an input source? Would > this allow for uninterrupted operation of the workstation while also > giving a stream of test data? > > kernel > ip_input() > \ > \-| > |- upper hook-\ > ng_ether ng_tee----> > |- lower hook-/ > | > wire > > In case that diagram doesn't display in your mailer, I'm thinking of > connecting ng_tee to recieve input from ng_ether's lower hook and pass > it out through ng_ether's upper hook as well as into the input hook of > my own netgraph node. yes that would work.. you would get a copy of all packets entering the machine. > > Does anyone have any suggestions or ideas on tools or methods to assist > me in starting this venture? Am I thinking about this problem from the > right angle or is my head up my ass? :) No you have the right idea. One possibility I am looking at is adding a netgraph hook onto ipfw so one could grab a packet on ipfw and force it out to a netgraph hook. > > Thanks all :) > > -- > Steve Tremblett > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
