Ruslan Ermilov wrote:
On Tue, Mar 01, 2005 at 10:47:07PM -0500, Aziz KEZZOU wrote:
Hi folks,
Here is what I want to do : "Intercept all incoming IP packets on an
Ethernet interface of a certain type (e.g RSVP) and call my own
function to process, all inside the kernel"
Netgraph nodes : ng_iface, nf_bpf (and probably ng_ether) look
promising for this task but I can not figure out how to do it in
practice...
Any help is appreciated. Thanks,
I thought Julian already answered this...
you can do it even without ng_ipfw
use ng_ksocket to open a divert socket and
use ipfw divert to send packets to it.
You can do this with ng_ipfw(4) in -CURRENT. Or you can filter
(with ng_bpf(4)) the packets of interest and forward them
somewhere. Example:
+---v
| (upper)
| rl0: [ng_ether]
| (lower)
| ^
| |
| v
| (lower)
| bpf_rl0: [ng_bpf]
| (upper)
+---^
[bpf] should be configured to forward matching packets received on
"lower" to some other hook, and non-matching packets to "upper".
Similarly for packets received on "upper", forward packets of
interest to some other hook, and non-matching packets to "lower".
Cheers,
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
