Thanks, looks interesting. But I was looking at processing the packets in userspace. Sorry I didn't mention it clearly.
Thanks, -Subhash On Jan 11, 2008 10:32 PM, Lawrence Stewart <[EMAIL PROTECTED]> wrote: > Hi Subhash, > > Subhash Gopinath wrote: > > Hello folks, > > > > I am looking at writing an application program to tap certain ipv6 packets > > (say icmpv6) > > using netgraph. The application has to do some processing, before kernel can > > proceed > > with those packets. > > > > I have vaguely understood netgraph, and I see that I need a ng_socket node > > in the application, an ng_bpf node, and an ng_ether or ng_iface node in the > > kernel. > > > > My question is. would I need to create such nodes for each interface. Then > > it becomes unscalable.. > > Can I have just one socket, bpf, iface node that can tap icmpv6 packets on > > all interfaces? > > The PFIL(9) interface might also be of interest to you. If all you need > to do is packet interception and then allow/deny packets based on the > results of some processing, PFIL might be the way to go. We wrote some > code (SIFTR [1]) which uses PFIL in a similar capacity and you may want > to refer to it as an example. > > Cheers, > Lawrence > > [1] http://caia.swin.edu.au/urp/newtcp/tools.html > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"

