
Dissecting OpenBSD's divert(4) - fcambus
http://lteo.net/blog/2015/01/06/dissecting-openbsds-divert-4-part-1-introduction/
======
mben
Check pf-diverters [1]. We are using them in our openbsd firewalls in order to
block unwanted connections.

[1] [https://github.com/echothrust/pf-
diverters](https://github.com/echothrust/pf-diverters)

------
mct
There is a similar feature in Linux which I've used a number of times over the
years to simulate various network problems, and to modify packets flowing
through my router in interesting ways.

You can select packets to be sent to userspace with the "-j QUEUE" iptables
target handler, and then read those packets using libnetfilter.

------
gizzlon
Cool, I run a pf firewall but this was news to me.

Anyone have any idea of the performance overhead? (Not that it really matters
for me, just curious)

