A netgraph question.

Joe Pellegrino jdp at elvis.rowan.edu
Sat Nov 1 15:15:36 PDT 2008

OK so here it goes. I actually have two seperate questions involving netgraph, 
I am new to this subject so please bare with me. If there is a better way to 
achieve these goals too, please suggest them but I think netgraph is the way to 

The first part involves allowing a userland program to communicate with a 
kernel module, similar to how netlink works in Linux. The second part involves 
intercepting network packets and possibly manipulating them before they are 
allowed to proceed, similar to how netfilter works. I believe I can do both of 
these with the netgraph (ng_socket and possibly ng_ether). I haven't looked 
closely at ng_ether yet so I'll focus on ng_socket.

I have been able to create a ng_socket (Control and Data) using the socket call 
as described in "All About NetGraphs" and the man page. I've also been able to 
'name' the node using bind. I was able to verify this using ngctl. I know (from 
the man page) I should eventually be able to send/receive using the 
sendto/recvfrom functions once the connection is established. But beyond this I 
don't know how to proceed. So the question is what are the next steps. For 

Although I see a named netgraph node there are no hooks. ng_socket says it 
supports an arbitrary number of hooks so how do I create the hooks? Then of 
course how do I connect them.

Of course I realize that I proabably need to create a node on the kernel side 
so which type of netgraph node would be suggested? How is it created and then 
hooked to the ng_socket?

Again I am looking to allow some IPC between a userland program and a kernel 
module similar to the Linux netlink. I've been through most man pages and can't 
seem to find a lot of good documentation or example code so I am hoping to get 
some pointers here. BTW If this is the wrong list please directly to the right 
place to ask. Thanks in advance.


More information about the freebsd-net mailing list