<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Divert Sockets mini-HOWTO: Introduction</TITLE>
<LINK HREF="Divert-Sockets-mini-HOWTO-5.html" REL=next>
<LINK HREF="Divert-Sockets-mini-HOWTO-3.html" REL=previous>
<LINK HREF="Divert-Sockets-mini-HOWTO.html#toc4" REL=contents>
</HEAD>
<BODY>
<A HREF="Divert-Sockets-mini-HOWTO-5.html">Next</A>
<A HREF="Divert-Sockets-mini-HOWTO-3.html">Previous</A>
<A HREF="Divert-Sockets-mini-HOWTO.html#toc4">Contents</A>
<HR>
<H2><A NAME="s4">4. Introduction</A></H2>
<P>Ever wish you could intercept packets traveling up or down
the IP stack of your host? And I'm not talking about listening
in, as with raw sockets or libpcap (tcpdump). I mean literally stopping
the packet from propagating any further through the IP stack and
then (possibly after some changes) reinjecting it.
Well, the time to dream is over, because divert sockets for Linux
are here!
<P>
<P>Divert sockets do exactly that - they filter out certain packets
based on firewall specifications and bring them to you in user space.
You then have the freedom of simply reinjecting them back as if nothing
happened, mangling them first and then reinjecting them, or not
reinjecting them at all.
<P>
<P>As the name suggests, this mechanism uses a special type
of RAW socket called divert (IPPROTO_DIVERT) that allows you
to <EM>receive</EM> and <EM>send</EM> on it just like a regular socket.
The difference is that a divert socket is bound to a port, into
which the firewall can be instructed to send certain packets.
Anything that a firewall can filter out can be sent into a
divert socket.
<P>
<P>Divert sockets first appeared as part of FreeBSD. Divert sockets under
Linux are a port of this mechanism that strives to be source-code compatible
with user-space programs that use it.
<P>
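<P>An added example, not part of the original HOWTO: a minimal C filter that opens a divert socket, binds it to a port, and for each diverted packet either reinjects it unchanged, mangles it (clamps the IP TTL and recomputes the header checksum) and reinjects it, or drops it by not reinjecting. The value 254 for <CODE>IPPROTO_DIVERT</CODE>, the TTL policy and the names <CODE>inspect</CODE> and <CODE>divert_loop</CODE> are assumptions for illustration; running the loop needs root and a divert-enabled kernel.

```c
#include <stdint.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>

#ifndef IPPROTO_DIVERT
#define IPPROTO_DIVERT 254 /* assumed value; use the one from your divert-enabled kernel headers */
#endif
enum verdict { PASS, MANGLED, DROP };

/* RFC 1071 checksum over an IPv4 header (zero the checksum field before computing). */
static uint16_t ip_cksum(const uint8_t *h, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)(h[i] << 8 | h[i + 1]);
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Hypothetical policy: drop malformed IPv4, clamp TTL to 64, pass everything else untouched. */
enum verdict inspect(uint8_t *pkt, size_t len) {
    if (len < 20 || (pkt[0] >> 4) != 4) return DROP;
    size_t hl = (size_t)(pkt[0] & 0x0f) * 4;       /* header length in bytes */
    if (hl < 20 || hl > len) return DROP;
    if (pkt[8] <= 64) return PASS;                 /* byte 8 is the TTL */
    pkt[8] = 64;
    pkt[10] = pkt[11] = 0;                         /* bytes 10-11 hold the header checksum */
    uint16_t c = ip_cksum(pkt, hl);
    pkt[10] = (uint8_t)(c >> 8); pkt[11] = (uint8_t)c;
    return MANGLED;
}

/* Receive diverted packets on `port`; the address recvfrom fills in is handed back to
   sendto on reinjection, as FreeBSD's divert sockets expect. Returns -1 on any error. */
int divert_loop(uint16_t port) {
    uint8_t buf[65535];
    struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(port) };
    int fd = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    if (fd < 0) return -1;
    if (bind(fd, (struct sockaddr *)&sin, sizeof sin) < 0) { close(fd); return -1; }
    for (;;) {
        socklen_t slen = sizeof sin;
        ssize_t n = recvfrom(fd, buf, sizeof buf, 0, (struct sockaddr *)&sin, &slen);
        if (n < 0) break;
        if (inspect(buf, (size_t)n) == DROP) continue;   /* never reinjected: packet is gone */
        if (sendto(fd, buf, (size_t)n, 0, (struct sockaddr *)&sin, slen) < 0) break;
    }
    close(fd);
    return -1;
}
```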
</BODY>
</HTML>