tracing pf code
Max Laier
max at love2party.net
Tue Oct 14 18:14:41 PDT 2008
On Wednesday 15 October 2008 02:47:46 alan yang wrote:
> hello,
>
> for pf port on freebsd, i would like to trace the packet flow, looking
> at from ether_input -> etiher_demux -> ip_input -> tcp_input where /
> how pf handles / process the packet.
>
> can people shed some lights where to start. really appreciate.
ps hooks into the pfil(9) hook point in ip[6]_{in,out}put(). Look for calls
to "pfil_run_hooks" in the code. From there the call proceeds to the hook
functions defined in pf_ioctl.c pf_check_{in,out}[6].
The processing inside pf is best understood by looking at the following chart:
http://homepage.mac.com/quension/pf/flow.png
Is this the information you are looking for?
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
More information about the freebsd-questions
mailing list