Intercepting a packet,
changing it and re-injecting into the network
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Fri Dec 22 08:29:49 PST 2006
Fabricio, good day!
> I'm developing a network application which needs *to intercept* a packet
> (not just *copy* a packet, like libpcap does), move this packet into my
> application (userland), do some checking in the packet and according
> with some heuristics, the application may change the payload and
> re-inject the modified packet into the network. Note that sometimes,
> I'll change the payload, drop the packet or just let it go.
>
> So, how can a I do that in FreeBSD? I can use 6.1, 7.1, any version.
Probably you should read the divert(4) manual page and the ipfw(8)
manual, looking for the 'divert' directive. The good example of
your application is /sbin/natd.
The aforementioned facilities are present in FreeBSD at least since 4.x.
--
Eygene
More information about the freebsd-net
mailing list