Hi Subhash,
Subhash Gopinath wrote:
Hello folks,
I am looking at writing an application program to tap certain ipv6 packets
(say icmpv6)
using netgraph. The application has to do some processing, before kernel can
proceed
with those packets.
I have vaguely understood netgraph, and I see that I need a ng_socket node
in the application, an ng_bpf node, and an ng_ether or ng_iface node in the
kernel.
My question is. would I need to create such nodes for each interface. Then
it becomes unscalable..
Can I have just one socket, bpf, iface node that can tap icmpv6 packets on
all interfaces?
The PFIL(9) interface might also be of interest to you. If all you need
to do is packet interception and then allow/deny packets based on the
results of some processing, PFIL might be the way to go. We wrote some
code (SIFTR [1]) which uses PFIL in a similar capacity and you may want
to refer to it as an example.
Cheers,
Lawrence
[1] http://caia.swin.edu.au/urp/newtcp/tools.html
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"