Randall Stewart wrote: > Ian FREISLICH wrote: > > > > > > > I'm using divert sockets extensively for some tunnel/vpn software > > I wrote _way_ back. It's running fine on -CURRENT (Tue Sep 19 > > 08:33:01 SAST 2006), 4.11-STABLE, and just about everything in > > between. I've not had to change the code substantially to make it > > work on newer BSDs. All our VoIP goes through this piece of code: > > > > memset(&from, '\0', sizeof from); > > from.sin_addr.s_addr = INADDR_ANY; > > from.sin_port = config.tuns[config.tun].fw_rule; > > while (tot + ntohs(hdr->length) <= (p - buf + in)) { > > out = sendto(config.tuns[config.tun].div_fd, buf + tot, > > ntohs(hdr->length), 0, (struct sockaddr *)&from, > > sizeof(addr)); > > ... > > > > > Well, its interesting ... 6.1 appears to work.. but 7.0 does not.. > > Now I don't think the code we have does anything with setting the > sin_port like you do (to config.tuns[]...) All that does is tell the divert socket which (ipfw) rule to inject the packet after. If you read from the divert socket, do stuff(tm) and write back to the divert socket, preserve the struct sockaddr *from from the recvfrom() call and use that same data in the sendto() call unless you want processing in the stack to start afresh for the packet. (I'm sure others will correct that statement, but that's my poor-man's understanding) I've found that not zeroing these network structures before use confounds things, because you might not initialise all the elements. If my memory serves correctly, I think that these structures have changed size between 6 and 7, but take my saying so with a pinch of salt because I haven't checked recently. Ian -- Ian FreislichReceived on Tue Sep 26 2006 - 08:40:10 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:00 UTC