Re: How to re-send out the packets captured by my hook function at NF_IP_PRE_ROUTING



Thanks for your reply, Srinivas!

But maybe I failed to describe the problem that I am facing. It's true
as you said that I have a module, which registers a function to a
netfilter hook. Whenever there is an incoming packet, the function
could catch it and make some changes to it : wrap it in a new iphdr,
change the src and dst ip, etc. This is what I've done.

Now a problem comes that, how do I send it out directly? -- By
'directly', I mean to do it just in the kernel space, not first
passing it to a userspace application(thru NF_QUEUE like you said, or
netlink socket, anyway) and then let the application send it out.

The difficulty is that, since I changed the src and dst ip, the mac
address information is totally unavailable. That may be able to
explain the reason why I used skb->dev->hard_start_xmit(...) and then
the kernel crashed.

Is there any way to achieve my goal? Or that is mission impossible?

Wish I've explained clearly enough.

Many thanks for your help indeed!

Best regards,
Gu, Xinxing



2006/4/27, Srinivas G. <srinivasg@xxxxxxxxxxxxxxxxxxxxx>:

I've read what you mentioned and since I've done most of the work in
kernelspace, I wonder if there is any way to send out the modified
packet directly, when of course the mac address is not filled?

I am trying to understand your current situation. So you have a kernel
module that is subscribed to a certain netfilter hook and as a result starts
receiving packets; and now you want to pass these packets from your kernel
module to a userspace application? Is this correct?

If this is your current situation, you should issue a NF_QUEUE verdict for
arriving packets in your kernel module to queue the packets to userspace.
Subsequently, you will need to create a user space application to
receive the queued packets and run it. You can use libipq to write a userspace
application that will accept queued packets. See the man page of libipq for
more information on how to do this (the man page contains a fully working
example).

Regards,
Srinivas G

