transparent udp proxy

Julian Elischer julian at freebsd.org
Sun Nov 2 03:10:31 UTC 2014


On 11/2/14, 9:13 AM, Julian Elischer wrote:
> On 10/31/14, 5:50 PM, Hooman Fazaeli wrote:
>> Hi,
>>
>> In my setup, I use a fwd rule to forward all udp traffic to my local 
>> proxy:
>>
>> ipfw add 10 fwd localhost,7000 udp from any to any recv em1
> just as a nit, I'd add "in" as well; sometimes outgoing packets can 
> have a receive interface if they were routed.
>
>>
>> The proxy needs to know the original destination address of 
>> forwarded datagrams, but
>> there seems to be no way to obtain that address.
> hmm that used to work..
>>
>> Using recvmsg with IP_RECVDSTADDR does not help because it returns 
>> next-hop address
>> instead of original destination. This is because udp_input() 
>> overwrites packet's destination
>> with next-hop address before doing ip_savecontrol.
> This behaviour may be new since IPFORWARD was added..  My memory is 
> that you could do this.
>>
>> It seems easy to change udp_input to pass the original dest. 
>> address to ip_savecontrol.
>> Another solution would be to implement IP_RECVDSTSOCKADDR option, 
>> which records the original
>> destination address:port as a 'struct sockaddr_in[6]' in packet's 
>> control data.
>>
>> Comments/suggestions are welcome.
apply the following patches to your kernel
http://svnweb.freebsd.org/base/stable/9/sys/netinet/udp_usrreq.c?r1=225043&r2=225044&
and
http://svnweb.freebsd.org/base/stable/9/sys/netinet/udp_usrreq.c?r1=243585&r2=243586&
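
Added example, not part of the original messages and not FreeBSD project code: how a UDP proxy reads a datagram's destination address from the recvmsg() control data discussed in this thread. On the kernel behaviour reported above, the value delivered for fwd-ed datagrams is the next-hop address rather than the original destination. Assumptions: the function names are hypothetical, and IP_PKTINFO is used as a stand-in where IP_RECVDSTADDR is not defined, so the code also builds on Linux.

```c
#define _GNU_SOURCE                 /* exposes struct in_pktinfo on glibc */
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* Ask the stack to attach each datagram's destination address as ancillary data. */
int enable_dstaddr(int s)
{
    int on = 1;
#ifdef IP_RECVDSTADDR               /* FreeBSD: payload is a struct in_addr */
    return setsockopt(s, IPPROTO_IP, IP_RECVDSTADDR, &on, sizeof(on));
#else                               /* assumed stand-in: struct in_pktinfo */
    return setsockopt(s, IPPROTO_IP, IP_PKTINFO, &on, sizeof(on));
#endif
}
/* Walk the control data recvmsg() filled in; 0 and *dst set if found, else -1. */
int dstaddr_from_cmsg(struct msghdr *msg, struct in_addr *dst)
{
    for (struct cmsghdr *c = CMSG_FIRSTHDR(msg); c != NULL; c = CMSG_NXTHDR(msg, c)) {
        if (c->cmsg_level != IPPROTO_IP) continue;
#ifdef IP_RECVDSTADDR
        if (c->cmsg_type == IP_RECVDSTADDR && c->cmsg_len >= CMSG_LEN(sizeof(*dst))) {
            memcpy(dst, CMSG_DATA(c), sizeof(*dst));
            return 0;
        }
#else
        if (c->cmsg_type == IP_PKTINFO && c->cmsg_len >= CMSG_LEN(sizeof(struct in_pktinfo))) {
            struct in_pktinfo pi;
            memcpy(&pi, CMSG_DATA(c), sizeof(pi));   /* CMSG_DATA may be unaligned */
            *dst = pi.ipi_addr;
            return 0;
        }
#endif
    }
    return -1;
}
/* Read one datagram; *src is the sender, *dst the address from the control data. */
ssize_t recv_with_dst(int s, void *buf, size_t len, struct sockaddr_in *src, struct in_addr *dst)
{
    union { struct cmsghdr align; char b[256]; } cbuf;   /* aligned control buffer */
    struct iovec iov = { .iov_base = buf, .iov_len = len };
    struct msghdr msg = { .msg_name = src, .msg_namelen = sizeof(*src),
                          .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = cbuf.b, .msg_controllen = sizeof(cbuf.b) };
    ssize_t n = recvmsg(s, &msg, 0);
    if (n >= 0 && ((msg.msg_flags & MSG_CTRUNC) || dstaddr_from_cmsg(&msg, dst) != 0))
        dst->s_addr = htonl(INADDR_ANY);   /* no usable destination reported */
    return n;
}
```

A proxy would call enable_dstaddr() once on its listening socket (port 7000 in the rule above) and then recv_with_dst() per datagram, logging both addresses to check which one the kernel reports.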



