Giorgos Keramidas keramida at
Tue Aug 15 03:38:54 UTC 2006

On 2006-08-14 22:08, Aaron Christensen <aaronmf at> wrote:
>On 8/14/06, Giorgos Keramidas <keramida at> wrote:
>>On 2006-08-14 18:23, Aaron Christensen <aaronmf at> wrote:
>>> All,
>>> Just curious, does FreeBSD (or any of the BSDs) have a
>>> STREAMS implementation?
>> Not really.  At least not in the official source tree.
>>> Or does anyone know of a 3rd party implementation?
>> I'm not sure about this.
>> What do you need STREAMS for?  Perhaps we can find something
>> that fits the bill and is already part of the base-system?
> Well, we're trying to implement a custom kernel-level ssl... Is
> there any mechanism in FreeBSD to facilitate this?

That's the reply I was sort of expecting, and the reason I asked.

If this is meant to be used for network sockets, then a mechanism
in FreeBSD that is similar to streams: it is called "NETGRAPH".
There are various 'node types' in FreeBSD already, which support
various sorts of packet processing, filtering, rewriting, etc.

The manpages of all the ng_xxxx(4) nodes are quite informational,
and you can find a few good references for Netgraph in Julian
Elischer's personal web space at

There are currently more than 50 different Netgraph node types in
FreeBSD 7.0-CURRENT, providig packet functions such diverse as
Berkeley packet filtering, a generic tunneling interface, packet
firewalling, NAT functions, kernel mbuf tagging, or VLAN
tagging, and so on.

See all the ng_xxxx manpages with:

    % man -k ng_

and the webpage of Julian mentioned above.  Hopefully, you can
find something that can help you get started.  If an existing
Netgraph node doesn't match 100% the functionality you want to
do, you can always copy an existing node sources and modify them
to create a node type of your own :-)


More information about the freebsd-questions mailing list