netgraph question
Subhash Gopinath
subhashg.unix at gmail.com
Sat Jan 12 11:40:08 PST 2008
Thanks, looks interesting.
But I was looking at processing the packets in userspace. Sorry I
didn't mention it clearly.
Thanks,
-Subhash
On Jan 11, 2008 10:32 PM, Lawrence Stewart <lstewart at freebsd.org> wrote:
> Hi Subhash,
>
> Subhash Gopinath wrote:
> > Hello folks,
> >
> > I am looking at writing an application program to tap certain ipv6 packets
> > (say icmpv6)
> > using netgraph. The application has to do some processing, before kernel can
> > proceed
> > with those packets.
> >
> > I have vaguely understood netgraph, and I see that I need a ng_socket node
> > in the application, an ng_bpf node, and an ng_ether or ng_iface node in the
> > kernel.
> >
> > My question is. would I need to create such nodes for each interface. Then
> > it becomes unscalable..
> > Can I have just one socket, bpf, iface node that can tap icmpv6 packets on
> > all interfaces?
>
> The PFIL(9) interface might also be of interest to you. If all you need
> to do is packet interception and then allow/deny packets based on the
> results of some processing, PFIL might be the way to go. We wrote some
> code (SIFTR [1]) which uses PFIL in a similar capacity and you may want
> to refer to it as an example.
>
> Cheers,
> Lawrence
>
> [1] http://caia.swin.edu.au/urp/newtcp/tools.html
>
More information about the freebsd-hackers
mailing list