Override default ICMP (and other protocols) default replies.

Stefan Bethke stb at lassitu.de
Thu Aug 21 08:47:26 UTC 2008


On 20.08.2008 at 19:27, Javier Ubillos wrote:

> Hi freebsd-hackers.
> (Sorry for cross posting, but I got no reply when posting to
> freebsd-questions)
>
> I'm implementing a NAT (1 ip - 1 ip) like router.
>
> I have chosen to use pcaplib to pick up the packets. I have an
> implementation which picks up the packets, inspects them, rewrites the
> destination/source ip-addresses and sends them out on the respective
> interface.
>
> The problem I'm facing however is that my interfaces are answering to
> e.g. icmp-echo (ping) automatically, and I don't know how to turn this
> behaviour off.
>
> What I want to happen is that if A pings C, my router B in between
> should simply forward the packets w/o any automatic reactions.
>
> A --> B --> C
>
> So that if e.g. C is down, no echo-reply is sent back (or if C is up,
> that C is actually sending the echo-reply).
>
> Does anyone know how to turn off the automatic replies (ICMP and
> whatever else I haven't foreseen yet) or does anyone know where I can
> find out more about the issue?

bpf, which libpcap uses, gives you a copy of the received packet, so
the kernel will process it.

Typically, if you want to process packets before the host sees them,
you'd use ipfw(4) and a divert(4) socket, like natd(8) does. This
allows you to intercept any packet entering the system, modify it, and
(if appropriate) reinject it into the stack.

You can also configure your own tun(4) interface to get packets out of
the kernel and process them, which might be ideal if you want to
process all traffic for an IP.

And finally, unless you have really weird requirements, ipfw or pf
rules will likely work without any special programming.


HTH,
Stefan

-- 
Stefan Bethke <stb at lassitu.de>   Fon +49 170 346 0140
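The divert(4) approach Stefan describes, as an added example that is not code from either poster or from natd(8): a user-space 1:1 NAT that reads whole IP packets from an ipfw divert socket, rewrites the inside address to the public one (and back), fixes the IP header checksum and the TCP/UDP pseudo-header checksum incrementally (RFC 1624), and reinjects the packet by sending it back to the address recvfrom() reported. Because diverted packets never reach the local stack unless reinjected, the router itself no longer answers the ping; the rewritten packet is forwarded to C instead. Everything about the setup is assumed: the ipfw rule `ipfw add 1000 divert 8668 ip from any to any via em0`, `sysctl net.inet.ip.forwarding=1`, and the sample addresses 10.0.0.5 (inside) and 192.0.2.5 (public) are hypothetical values chosen for illustration. The checksum and rewrite functions are portable C; only the divert loop in main() is FreeBSD-specific.

```c
/* nat1to1.c: user-space 1:1 NAT over ipfw divert(4). Added example, not
 * code from the thread. Assumed (hypothetical) setup:
 *   ipfw add 1000 divert 8668 ip from any to any via em0
 *   sysctl net.inet.ip.forwarding=1
 * Inside host 10.0.0.5 appears on the outside as 192.0.2.5 (sample values). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

#define DIVERT_PORT 8668
static const uint32_t INSIDE_ADDR = 0x0A000005u;  /* 10.0.0.5,  host order */
static const uint32_t PUBLIC_ADDR = 0xC0000205u;  /* 192.0.2.5, host order */

/* RFC 1071 running ones-complement sum over raw packet words. All arithmetic
 * uses words exactly as stored, so the result is byte-order independent. */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t sum)
{
    uint16_t w;
    while (len > 1) { memcpy(&w, p, 2); sum += w; p += 2; len -= 2; }
    if (len) { w = 0; memcpy(&w, p, 1); sum += w; }   /* trailing odd byte */
    return sum;
}
static uint16_t fold(uint32_t sum)   /* fold carries, return the complement */
{
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Full TCP/UDP checksum over IPv4 pseudo-header + segment; 0 if valid. */
uint16_t transport_checksum(const uint8_t *pkt, size_t len)
{
    size_t ihl = (pkt[0] & 0x0f) * 4;
    uint8_t pseudo[12];
    memcpy(pseudo, pkt + 12, 8);                  /* src, dst as on the wire */
    pseudo[8] = 0; pseudo[9] = pkt[9];            /* zero, protocol */
    uint16_t tlen = htons((uint16_t)(len - ihl));
    memcpy(pseudo + 10, &tlen, 2);
    return fold(sum16(pkt + ihl, len - ihl, sum16(pseudo, 12, 0)));
}

/* RFC 1624 eq. 3: HC' = ~(~HC + ~m + m'), applied to a 32-bit field change. */
static uint16_t csum_replace32(uint16_t hc, uint32_t m, uint32_t m2)
{
    uint32_t sum = (uint16_t)~hc;
    sum += (uint16_t)~(m & 0xffff) + (uint16_t)~(m >> 16);
    sum += (m2 & 0xffff) + (m2 >> 16);
    return fold(sum);
}

/* Rewrite one raw IPv4 packet in place. Returns 1 if rewritten, 0 if left
 * untouched (not IPv4, truncated, or not to/from the NAT'd host). */
int nat_rewrite(uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return 0;
    size_t ihl = (pkt[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl) return 0;
    uint32_t src, dst, oldaddr, newaddr;
    uint32_t inside = htonl(INSIDE_ADDR), pub = htonl(PUBLIC_ADDR);
    memcpy(&src, pkt + 12, 4); memcpy(&dst, pkt + 16, 4);
    size_t off;
    if (src == inside)   { off = 12; oldaddr = src; newaddr = pub;    }  /* out */
    else if (dst == pub) { off = 16; oldaddr = dst; newaddr = inside; }  /* in  */
    else return 0;
    memcpy(pkt + off, &newaddr, 4);
    memset(pkt + 10, 0, 2);                        /* IP header: just recompute */
    uint16_t hc = fold(sum16(pkt, ihl, 0));
    memcpy(pkt + 10, &hc, 2);
    uint16_t frag; memcpy(&frag, pkt + 6, 2);
    if (ntohs(frag) & 0x1fff) return 1;            /* only 1st fragment has L4 */
    size_t coff;                                   /* ICMP has no pseudo-header */
    if (pkt[9] == IPPROTO_TCP) coff = ihl + 16; else if (pkt[9] == IPPROTO_UDP) coff = ihl + 6; else return 1;
    if (len < coff + 2) return 1;
    uint16_t tc; memcpy(&tc, pkt + coff, 2);
    if (pkt[9] == IPPROTO_UDP && tc == 0) return 1; /* UDP: 0 = no checksum */
    tc = csum_replace32(tc, oldaddr, newaddr);
    memcpy(pkt + coff, &tc, 2);
    return 1;
}

/* Constructed 28-byte IPv4/UDP packet (empty payload) with valid checksums,
 * so the rewrite can be exercised offline. Addresses in host order. */
size_t make_sample_udp(uint8_t *buf, uint32_t src_host, uint32_t dst_host)
{
    static const uint8_t tmpl[28] = { 0x45, 0, 0, 28, 0, 0, 0, 0, 64, IPPROTO_UDP, 0, 0,
        0, 0, 0, 0, 0, 0, 0, 0, 0x9c, 0x40, 0x00, 0x35, 0x00, 0x08, 0, 0 };
    memcpy(buf, tmpl, 28);
    uint32_t s = htonl(src_host), d = htonl(dst_host);
    memcpy(buf + 12, &s, 4); memcpy(buf + 16, &d, 4);
    uint16_t c = transport_checksum(buf, 28);
    if (c == 0) c = 0xffff;                        /* UDP reserves 0 */
    memcpy(buf + 26, &c, 2);
    c = fold(sum16(buf, 20, 0));
    memcpy(buf + 10, &c, 2);
    return 28;
}

#ifdef __FreeBSD__
int main(void)   /* divert loop: FreeBSD only, needs root and the ipfw rule */
{
    int fd = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    struct sockaddr_in me = { .sin_family = AF_INET, .sin_port = htons(DIVERT_PORT) };
    if (fd < 0 || bind(fd, (struct sockaddr *)&me, sizeof me) < 0) { perror("divert"); return 1; }
    static uint8_t buf[65535];
    for (;;) {
        struct sockaddr_in from; socklen_t fl = sizeof from;
        ssize_t n = recvfrom(fd, buf, sizeof buf, 0, (struct sockaddr *)&from, &fl);
        if (n < 0) { perror("recvfrom"); break; }
        nat_rewrite(buf, (size_t)n);
        /* Sending to the reported address reinjects after the divert rule;
         * not sending would silently drop the packet. */
        if (sendto(fd, buf, (size_t)n, 0, (struct sockaddr *)&from, fl) < 0) perror("sendto");
    }
    return 0;
}
#else
int main(void) { puts("divert(4) loop is FreeBSD-only; rewrite functions are portable"); return 0; }
#endif
```

The incremental checksum update matters for TCP and UDP because their checksums cover the pseudo-header that contains both addresses; ICMP's does not, so an echo request needs only the IP header checksum redone. Fragments other than the first carry no transport header and must not have their payload touched.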