Diverting sockets and streams

Jakub Bednar jakub.bednar at avg.com
Thu Nov 5 08:46:25 UTC 2009


Hi Julian,

thanks for making this clear to me.

>
>>
>> so basically I have to implement part of the TCP stack in my app.
>
> yes,
> though there may be other ways to do what you want..
> what DO you want to do?
>

I need to make a transparent proxy, e.g. an HTTP proxy, that will be able
to scan the data stream for some security problems (exploits or
whatever).

I had a solution based on packet forwarding and packet UID matching
rather than divert sockets. This solution works fine on FreeBSD, Linux
and Mac OS X Leopard. However, in the new Mac OS X Snow Leopard,
forwarding outgoing packets to a local port does not work. So I'm
looking for another solution.

Jakub


More information about the freebsd-ipfw mailing list