Question about bridging code
Julian Elischer
julian at elischer.org
Wed Jul 9 12:38:10 PDT 2003
On Wed, 9 Jul 2003, Brooks Davis wrote:
> On Wed, Jul 09, 2003 at 03:23:52PM -0400, kw3wong at engmail.uwaterloo.ca wrote:
> > Hi guys,
> >
> > My first attempts at hacking FreeBSD kernel code has not been very fruitful, so
> > I'm hoping someone with more experience and knowhow might be able to point out
> > the mistakes that I'm making.
> >
> > Firstly, let me explain what I'm trying to do. I'm currently working on a
> > University project that performs some type of transformation (compression,
> > security, string replacement, etc) on packets as they pass through the system.
> > The current setup has the FreeBSD machine configured as a router, and the
> > transformation is performed on packets that are routed. This is done via divert
> > sockets and everything is fine and dandy, we're getting great results from this
> > setup.
> >
> > However, what we want to do next is to have the machine setup as a ethernet
> > bridge instead, and the transformation is to be performed on the bridged
> > packets. Unfortunately, as most of you probably know, divert sockets do not
> > work with bridges as of yet.
>
> Since you are paying the price of pulling all packets into userland
> anyway, I'd suggest you just do the bridging in userland. You can use
> bpf to send and recieve packets on each interface and then bridge and
> process them in your application. I did this a while back and the whole
> thing took about 1400 lines of code. Unfortunalty, I can't release the
> code, but it only took a few hours to write and debug the bridging part.
how come no-one knows about netgraph.. the framework designed to do
exactly this? :-)
It's only been in use for 6 years..
More information about the freebsd-net
mailing list