Am 09.10.2014 um 14:47 schrieb Dr. Rolf Jansen <[email protected]>: > Am 06.10.2014 um 08:58 schrieb Dr. Rolf Jansen <[email protected]>: > >> Am 01.10.2014 um 04:20 schrieb Martin Willi <[email protected]>: >> >>> Hi Rolf, >>> >>>> 1. Did somebody port already the farp plugin to *BSD or perhaps to Mac >>>> OS X? >>> >>> No, at least nothing has been discussed here. >>> >>>> 2. Is it feasible at all, or would proxy arp on FreeBSD not work in a >>>> similar manner as on Linux? >>> >>> I think so. farp_spoofer.c is probably the only part that needs porting, >>> and that doesn't have that much code. I'm no FreeBSD expert, but as long >>> as you have AF_PACKET and BPF it looks absolutely doable. >>> >>> As you already noticed, the most tricky part is probably to get the >>> includes right on both systems. >> >> I investigated this a little bit more, and for me the main problem is now, >> that in FreeBSD, I cannot attach a BPF to an arbitrary socket. On FreeBSD a >> BPF device must be opened, and a network interface on which to filter must >> be associated with that bpf device. In order to continue, I need to find out >> somehow an identifier of the interface which serves as the arp-proxy already >> in farp_spoofer_create(), then I could create a bpf device on each call to >> farp_spoofer_create() and associated the arp-proxy-interface with that. >> >> If a plugin in the course of instance creation could know either of the >> interface dev-name, IP- or MAC-address, then using getifaddrs(3) it should >> be possible to find out anything necessary. However, I am no more that sure >> that proxy arp on FreeBSD could work the same as on Linux. > > I got a first raw version of farp_spoofer.c for FreeBSD ready, which makes > use of the BPF device instead of an AF-PACKET socket. On my FreeBSD 10 > installation, strongSwan does load the farp plugin, but it does not call > farp_spoofer_create(). I added a diagnostic message at the entrance of said > routine, and according to the log file it is never called.
I found the problem. In farp_plugin_create(), I need to remove the initial capabilities(7) check, to which FreeBSD does not respond. So the plugin gets loaded and activated now. I am going to start with the tests now. _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
