On Wed, Jul 09, 2003 at 03:23:52PM -0400, [EMAIL PROTECTED] wrote: > Hi guys, > > My first attempts at hacking FreeBSD kernel code has not been very fruitful, so > I'm hoping someone with more experience and knowhow might be able to point out > the mistakes that I'm making. > > Firstly, let me explain what I'm trying to do. I'm currently working on a > University project that performs some type of transformation (compression, > security, string replacement, etc) on packets as they pass through the system. > The current setup has the FreeBSD machine configured as a router, and the > transformation is performed on packets that are routed. This is done via divert > sockets and everything is fine and dandy, we're getting great results from this > setup. > > However, what we want to do next is to have the machine setup as a ethernet > bridge instead, and the transformation is to be performed on the bridged > packets. Unfortunately, as most of you probably know, divert sockets do not > work with bridges as of yet.
Since you are paying the price of pulling all packets into userland anyway, I'd suggest you just do the bridging in userland. You can use bpf to send and recieve packets on each interface and then bridge and process them in your application. I did this a while back and the whole thing took about 1400 lines of code. Unfortunalty, I can't release the code, but it only took a few hours to write and debug the bridging part. -- Brooks
pgp00000.pgp
Description: PGP signature
