ipb: bpf in and out
Robert Morris
rtm at the-seventh-bridge.lcs.mit.edu
Wed Feb 17 23:35:43 EST 1999
I added factions to read packets directly from the packet filter and
also write them. Which causes packets to appear on the real network.
As a result I'm able to actually route packets! If you are super lucky
you can reproduce this yourself:
On panam, which has an ordinary Linux routing table entry
that directs packets for host 99 to the-seventh-bridge:
[panam] ping 18.26.4.99
In another window, on the-seventh-bridge:
[the-seventh-bridge] ./ipb -ilive fxp0 -olive fxp0
In another window, on zeus, as root:
zeus# tcpdump -n host 18.26.4.99
ipb (at least as I just now committed it) is set up to forward packets
aimed at 18.26.4.99 via zeus' ethernet address. So you should see
ping packets in zeus' tcpdump output from 18.26.4.38, forwarded by
ipb. Pretty convoluted, but it does work.
Actually the bpf stuff only works under OpenBSD. I could not figure
out how to get the local ethernet address under Linux, or how to
persuade pcap to send packets. We need the local ethernet address so
we can tag outgoing packets with the right ethernet source, and (more
crucial) so we can ignore incoming packets not directed to us. These
ignorable packets include the packets we forward.
I added command line arguments to ipb to control its input and
output. I imagine we'll make ourselves a configuration language soon.
More information about the click
mailing list