PF DIVERT LOOP
sadegh solati
solati.sadegh at gmail.com
Wed Oct 1 10:46:01 UTC 2014
I have written a small program which does not do any specific job. It gets
packets from a divert socket and reinjects them back. A message is printed
when a packet is received. The problem is that when I send only one packet,
a lot of "packet received" messages will be printed. I use pf for diverting.
My pf.conf contains just one line:
"pass quick log(all) on em0 proto tcp from 192.168.11.92 to any port 80
keep state divert-to 127.0.0.1 port 8080"
The following is my code:
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
#include <netinet/tcp.h>
#include <netinet/tcpip.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <err.h>
#include <string>
#include <iostream>
#include <cstdlib>
#include <ctime>

#define DIVERT_PORT 8080

int
main(int argc, char *argv[])
{
	int fd, s, m, i;
	struct sockaddr_in sin;
	socklen_t sin_len;
	char packet[1600];
	struct ip *ip_hdr;
	struct tcpiphdr *tcpip_hdr;

	/* Open the divert socket that receives packets matched by the pf rule. */
	fd = socket(AF_INET, SOCK_RAW, IPPROTO_DIVERT);
	if (fd == -1)
		err(1, "socket");

	/* Bind to the address and port named in the divert-to rule. */
	bzero(&sin, sizeof(sin));
	sin.sin_family = AF_INET;
	sin.sin_port = htons(DIVERT_PORT);
	sin.sin_addr.s_addr = inet_addr("127.0.0.1");
	sin_len = sizeof(struct sockaddr_in);
	s = bind(fd, (struct sockaddr *) &sin, sin_len);
	if (s == -1)
		err(1, "bind");

	for (;;) {
		bzero(packet, sizeof(packet));
		/* recvfrom() overwrites sin_len, so reset it before every call. */
		sin_len = sizeof(struct sockaddr_in);
		m = recvfrom(fd, packet, sizeof(packet), 0,
		    (struct sockaddr *) &sin, &sin_len);
		if (m == -1)
			err(1, "recvfrom");
		/* Reinject the packet unchanged, with the address recvfrom() filled in. */
		if (sendto(fd, packet, m, 0, (struct sockaddr *) &sin,
		    sin_len) == -1)
			warn("sendto");
		std::cout << "Packet Recv \n";
	}
	return 0;
}
Thank You All In Advance