Question about bridging code
Brooks Davis
brooks at one-eyed-alien.net
Wed Jul 9 12:34:04 PDT 2003
On Wed, Jul 09, 2003 at 03:23:52PM -0400, kw3wong at engmail.uwaterloo.ca wrote:
> Hi guys,
>
> My first attempts at hacking FreeBSD kernel code has not been very fruitful, so
> I'm hoping someone with more experience and knowhow might be able to point out
> the mistakes that I'm making.
>
> Firstly, let me explain what I'm trying to do. I'm currently working on a
> University project that performs some type of transformation (compression,
> security, string replacement, etc) on packets as they pass through the system.
> The current setup has the FreeBSD machine configured as a router, and the
> transformation is performed on packets that are routed. This is done via divert
> sockets and everything is fine and dandy, we're getting great results from this
> setup.
>
> However, what we want to do next is to have the machine setup as a ethernet
> bridge instead, and the transformation is to be performed on the bridged
> packets. Unfortunately, as most of you probably know, divert sockets do not
> work with bridges as of yet.
Since you are paying the price of pulling all packets into userland
anyway, I'd suggest you just do the bridging in userland. You can use
bpf to send and recieve packets on each interface and then bridge and
process them in your application. I did this a while back and the whole
thing took about 1400 lines of code. Unfortunalty, I can't release the
code, but it only took a few hours to write and debug the bridging part.
-- Brooks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20030709/50737aa5/attachment.bin
More information about the freebsd-net
mailing list