newlisp Documentation 10.3.0 "divert"

Started by newdep, March 25, 2011, 07:49:37 AM

newdep

Hi Lutz,



The "divert" option on net-listen needs an extension for the users, as probably not all readers know what this is. Btw, nice option.



I have summarized here what, I think, needs to be added to make it more clear, but please do borrow from it what you think adds the extra.


Quote
A "divert" socket option does not work by default on Linux or Unix systems. Also, a "divert" socket is not the same as a "raw" socket. A "divert" socket can reinject its data back into the network stack; it also stops network packets going further up the network stack. Its main use is for data manipulation and inspection of the IP packets, done by i.e. firewalls and network 'gateways'.

"divert" only works when your system-kernel was prepared to use this option. Some Linux and Unix distributions do this and some don't. If you want to use the net-listen "divert" option then you must prepare your kernel and firewall to enable "divert". Not all firewall types can do this.

A net-listen "divert" option is only usable when you have full "root" privileges.



The str-mode can only contain "divert" and does not allow another "udp" in front of it.

This would turn the net-listen back to "udp" only and not into "divert":

(net-listen "" "udp" "divert")   ; this is wrong

(net-listen "" "divert") ; this is good


-- (define? (Cornflakes))