On Wed, 20 Nov 2002, soheil soheil wrote:

> Can I use a raw socket to get all of the TCP/IP packets that travel through my
> PC, like this?
>
> in -------->MyGW          MyGW------> out
>               |            |
>               -----> MySocket -----

Generally, no -- there are a number of approaches you can take addressing the problem you're talking about, but it depends a lot on what you need the solution to do.

If you definitely want a userland solution, one place to start looking is at DIVERT sockets. This is used by the userland nat daemon (natd(8)) to intercept packets along a route or going in/out an interface. Take a look at divert(4) for more general information on the divert notion.

I've used IPDIVERT in a number of situations to write filtering applications at the IP level. I've also used BPF to write userland applications to perform filtering at the link layer by writing a simple bridging application.

Depending on what you're trying to accomplish, you might also be interested in the ipfw "fwd" command, which allows you to intercept TCP connections, which you can then hook up to a new TCP connection created by a proxy application. ipfw(8) contains some information about connection "fwd"s.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
[EMAIL PROTECTED]      Network Associates Laboratories
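
An added example, not part of the original message or of any FreeBSD source: a minimal userland filter on a divert(4) socket of the kind the reply points to, which reads each diverted IPv4 packet and reinjects it unless policy drops it. The names `allow_packet` and `divert_loop`, divert port 9000, the ipfw rule number and the drop-TCP-port-23 policy are assumptions made for illustration; it uses the classic `socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT)` form and needs a kernel with divert support plus root.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#ifndef IPPROTO_DIVERT
#define IPPROTO_DIVERT 254 /* FreeBSD's value, so the file also compiles elsewhere */
#endif

/* Hypothetical policy: 1 = reinject, 0 = drop. Drops TCP aimed at port 23. */
int allow_packet(const uint8_t *p, size_t n)
{
    if (n < 20 || (p[0] >> 4) != 4) return 0;         /* not IPv4 */
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;           /* header length in bytes */
    if (ihl < 20 || n < ihl) return 0;                /* malformed header */
    if (p[9] != IPPROTO_TCP) return 1;                /* policy covers TCP only */
    if ((((p[6] & 0x1f) << 8) | p[7]) != 0) return 1; /* later fragment: no TCP header */
    if (n < ihl + 4) return 0;                        /* ports truncated */
    return (((unsigned)p[ihl + 2] << 8) | p[ihl + 3]) != 23;
}

/* Reads packets that ipfw diverts to `port` and reinjects the allowed ones. */
int divert_loop(uint16_t port)
{
    uint8_t buf[65535];
    struct sockaddr_in sin, from;
    int fd = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT); /* needs root */
    if (fd < 0) { perror("socket"); return -1; }
    memset(&sin, 0, sizeof sin);
    sin.sin_family = AF_INET;
    sin.sin_port = htons(port);                         /* divert port, not a TCP port */
    if (bind(fd, (struct sockaddr *)&sin, sizeof sin) < 0) { perror("bind"); close(fd); return -1; }
    for (;;) {
        socklen_t flen = sizeof from;
        ssize_t n = recvfrom(fd, buf, sizeof buf, 0, (struct sockaddr *)&from, &flen);
        if (n < 0) { perror("recvfrom"); break; }
        /* `from` records direction/interface; passing it back resumes normal processing. */
        if (allow_packet(buf, (size_t)n) &&
            sendto(fd, buf, (size_t)n, 0, (struct sockaddr *)&from, flen) < 0)
            perror("sendto");
    }
    close(fd);
    return -1;
}

/* Constructed setup (assumed rule): ipfw add 1000 divert 9000 tcp from any to any */
int main(void) { return divert_loop(9000) < 0; }
```

A packet that is read and never written back is dropped, so a filter that exits or stalls stops all traffic matching the divert rule.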