Hello, Does anybody know the Solaris 10 equivalent (ipf) of the Linux "iptables QUEUE" target .. i am specifically looking for something in IPF. IPFW has something called divert which does similar stuff.
In detail what i am trying to do here is move an application from Linux to Solaris: The iptables functional replacement I am looking for on Solaris 10 is the QUEUE (to userland) behavior. The appication's Layer 7 proxies all operate as daemons using sockets of type SOCK_STREAM. They write packets back to the userland packet engine on the loopback interface. The packet engine does Layer 2-4 work on them (address translation, loopback to real world external IP addresses, etc.); then forwards the packets out the physical interfaces using a linux specific socket type, PF_PACKET. I believe that the Solaris dlpi interface can adequately help me with the packet handling along the nature of PF_PACKET. The difficult area is the interception of the packets from the proxies into the packet engine. When the proxies do the STREAM writes, they are sending packets to a non-existent "listner" on the loopback. The iptables QUEUE target on Linux lets me snatch the proxies' stream output as packets from the protocol stack, stopping their travel back up the stack to the non-existent listner. This accomplishes two requisite goals: 1) performs the conversion from streams to packets; and 2) prevents the protocol stack from sending a RESET to the proxies. The capability in the above paragraph is what we need to duplicate on Solaris Can anybody help ? Anand ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php _______________________________________________ linux-india-help mailing list linux-india-help@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-india-help
