> -----Original Message----- > From: Sergey Matveychuk [mailto:s...@freebsd.org] > Sent: Wednesday, February 09, 2011 12:53 AM > To: rozhuk...@gmail.com > Cc: freebsd-net@freebsd.org > Subject: Re: divert rewrite > > 08.02.2011 19:08, rozhuk...@gmail.com wrote: > > Did you try ng_ether + ng_ksocket? > > It can translate Ethernet frames incapsulated to udp to user space > receiver. > > The idea is catch packets from firewall (ng_ipfw, ng_nat was mentioned > by mistake) and pass them to user space module that do some processing > and puts back the packets into firewall (for rules with `diverted' > keyword). > > It works now for IPv4 with `divert' and doesn't with IPv6.
I know how divert works, google: uTPControl ;) Its simple for developmet, stable, but uses many CPU. With ng_ether + ng_ksocket you can send custom Ethernet frames. There is some node that can filter traffic, for IPv6 you need allow 1 or 2 ethernet types to pass. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
