On Mon, 3 Nov 2003, John Fastabend wrote: > [...] and the other was to use iptables to drop > them and since libpcap captures them before iptables drops them you can > retransmit the packets. I cant remember the name of the library to > interact with iptables but if you need it email me offline and i'll look > it up, i'm in class right now. And if you find a better way let me know.
With netfilter (iptables), all packets with a target of QUEUE are queued by the kernel. You can grab packets from the queue into userspace with a library called libipq, manipulate them however you want, and pass back a verdict of ACCEPT or DROP. libipq comes with iptables. The only good documentation I know of is the libipq man page. There's also a netfilter-devel mailing list. Mr. Abbad is using OpenBSD so this Linux-specific information will be of limited use to him. The only equivalent feature I know of for a BSD is 'divert' sockets in FreeBSD (ipfw 'divert' rule). Anyway, this is all off-topic for this list. - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
