Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Dissecting OpenBSD's divert(4) (lteo.net)
69 points by fcambus on Jan 6, 2015 | hide | past | favorite | 3 comments


Check pf-diverters [1]. We are using them in our openbsd firewalls in order to block unwanted connections.

[1] https://github.com/echothrust/pf-diverters


There is a similar feature in Linux which I've used a number of times over the years to simulate various network problems, and to modify packets flowing through my router in interesting ways.

You can select packets to be sent to userspace with the "-j QUEUE" iptables target handler, and then read those packets using libnetfilter.


Cool, I run a pf firewall but this was news to me.

Anyone have any idea of the performance overhead? (Not that it really matters for me, just curious)




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: