Re: Packet interception / Mangling
Hi Isnt pcap meant to be non-intrusive, as in it only gets sent a copy of the packet from the kernel space to userspace? And doesnt actually intercept anything? Thanks for the other suggestions, but im trying to stay away from divert sockets, a friend also suggested libdnet, so I'll look into that today, but if you have any further ideas, please let me know, thanks Regards /Cole - Original Message - From: Julian Elischer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: freebsd-hackers@freebsd.org Sent: Tuesday, June 28, 2005 2:39 AM Subject: Re: Packet interception / Mangling [EMAIL PROTECTED] wrote: Hi I wanted to know if there are any libraries similar to pcap to intercept packets/mangle packets. how about pcap? :-) There are also two other mechinisms.. divert sockets (man divert) which is used in conjuction with teh ipfw packet fileter and netgraph (man 4 netgraph, man ngctl, man ng_socket, man ng_ether) which can do a lot of interesting thins. What im trying to do specifically is like link compression, and I would then need to check if the packet is then compressed and decompress, and so forth and so on. I would like to avoid having to use a ipfw divert to a port, and specifically check all traffic to the box using a library function or some kind of hook into the kernel. The FreeBSD version I will be using is 4.9 or 4.11, and would like to know if there are any such routines available, and whether it could be a userland daemon, or if i am going to need to write a kernel loadable module? If anyone has any ideas or suggestions, or knows anything about this, it would be a great help. Regards /Cole ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Packet interception / Mangling
Cole wrote: Hi Isnt pcap meant to be non-intrusive, as in it only gets sent a copy of the packet from the kernel space to userspace? And doesnt actually intercept anything? Thanks for the other suggestions, but im trying to stay away from divert sockets, Why? that's what they are for! It's like saying I know I asked for a tool to remove this nut from the bolt but I'm trying to stay away from using wrenches. netgraph also allows you to do this in an efficient manner. a friend also suggested libdnet, so I'll look into that today, but if you have any further ideas, please let me know, thanks Regards /Cole - Original Message - From: Julian Elischer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: freebsd-hackers@freebsd.org Sent: Tuesday, June 28, 2005 2:39 AM Subject: Re: Packet interception / Mangling [EMAIL PROTECTED] wrote: Hi I wanted to know if there are any libraries similar to pcap to intercept packets/mangle packets. how about pcap? :-) There are also two other mechinisms.. divert sockets (man divert) which is used in conjuction with teh ipfw packet fileter and netgraph (man 4 netgraph, man ngctl, man ng_socket, man ng_ether) which can do a lot of interesting thins. What im trying to do specifically is like link compression, and I would then need to check if the packet is then compressed and decompress, and so forth and so on. I would like to avoid having to use a ipfw divert to a port, and specifically check all traffic to the box using a library function or some kind of hook into the kernel. The FreeBSD version I will be using is 4.9 or 4.11, and would like to know if there are any such routines available, and whether it could be a userland daemon, or if i am going to need to write a kernel loadable module? If anyone has any ideas or suggestions, or knows anything about this, it would be a great help. Regards /Cole ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Packet interception / Mangling
[EMAIL PROTECTED] wrote: Hi I wanted to know if there are any libraries similar to pcap to intercept packets/mangle packets. how about pcap? :-) There are also two other mechinisms.. divert sockets (man divert) which is used in conjuction with teh ipfw packet fileter and netgraph (man 4 netgraph, man ngctl, man ng_socket, man ng_ether) which can do a lot of interesting thins. What im trying to do specifically is like link compression, and I would then need to check if the packet is then compressed and decompress, and so forth and so on. I would like to avoid having to use a ipfw divert to a port, and specifically check all traffic to the box using a library function or some kind of hook into the kernel. The FreeBSD version I will be using is 4.9 or 4.11, and would like to know if there are any such routines available, and whether it could be a userland daemon, or if i am going to need to write a kernel loadable module? If anyone has any ideas or suggestions, or knows anything about this, it would be a great help. Regards /Cole ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
