Subject: RE: Capturing/Modifying TCP packets when used as a router.
To: None <firstname.lastname@example.org>
From: Hemant Puri <email@example.com>
Date: 11/27/2001 16:26:20
Checked up the 'pfil' man page. Man page says that one can register a
function for incoming and outgoing packets.
func(void *data, int hlen, struct ifnet *net, int dir, struct mbuf **m)
data is the ip data.
Now the question is can I just see the contents only or I can modify it
It seems that I cannot modify it since there is now way to return the
modified length. Am I missing something?
From: Hubert Feyrer [mailto:firstname.lastname@example.org]
Sent: Tuesday, November 27, 2001 3:56 PM
To: Hemant Puri
Subject: Re: Capturing/Modifying TCP packets when used as a router.
On Tue, 27 Nov 2001, Hemant Puri wrote:
> I want to use NetBSD as a router and want to capture/modify the TCP
> packets going out. (Something like a firewall functionality with the
> additional ability to modify packets).
> Any pointers on how it can be done would be appreciated.
Check out the IPfilter Firewall code that comes with NetBSD, it's
somewhere in /sys. IPfilter uses the packet filter interface, which
be of interrest too, it's enabled with the kernel option PFIL_HOOKS and
documented in the pfil(9) manpage. There's also the bpf(4) interface
might be interresting.
- Hubert (NOT a kernel guru!)
Want to get a clue on IPv6 but don't know where to start? Try this:
* Basics ->
* Setup ->
Of course with your #1 IPv6 ready operating system ->