Subject: Port forwarding using ipf
To: None <tech-kern@netbsd.org, port-i386@netbsd.org>
From: samuel Lellouche <samuel.Lellouche@epita.fr>
List: port-i386
Date: 03/16/2000 02:42:00
Hi


Heres what i'm trying to do:

I 'm using IPF to call a a function that i add to the kernel using modules.

I take Tcp packets, change the dest port, compute the checksum and pass it through.

It works great when i do it in local, but as soon as it is through network some 
packets go twice through the filter, somme dont... and finnaly it screws connections.

I'm considering to add my functions directly in the kernel on tcpinputs and leave ipf
which doesnt do what i want right.

Do you have any idea if i do something wrong or if ipf doesnt work as i think it works..

I'd like to add some generic hooks to do stuff like network analyser, traffic computing, or portforwarding, direcly in the kernel.


Should i continue using Ipf or doit it another way ?

thanx for any informaions


sam@epita.fr
EPITA.