Re: understanding TCP-IP interface in linux kernel

Hey,

See the following code present in file linux/net/ipv4/protcol.c

static struct inet_protocol tcp_protocol = {
handler: tcp_v4_rcv,
err_handler: tcp_v4_err,
next: IPPROTO_PREVIOUS,
protocol: IPPROTO_TCP,
name: "TCP"
};

You can see tcp_v4_rcv is the receive function of TCP.
inet_protos[] is a hash list of upper protocol handlers for IP layer.
You can register your own handler using inet_add_protocol function. It
appears that the last registered handler will get called first as the
implementation is attaching the node at head of the hash list.
Your function should return zero if it wants to own the packet.

It that method doesn't work, go through the hash list and find the TCP
handler and replace the function pointer with yours.

Where do you want to capture outgoing packets. Before or after TCP
processing?

<><><><><><><><><><><><>
Neo
Techpulp Technologies
Hyderabad
website: www.techpulp.com
<><><><><><><><><><><><>


On Oct 27, 9:42 pm, Tauno Voipio <tauno.voi...@xxxxxxxxxxxxx> wrote:
will_u_tellmemore wrote:
Hi all,
I am planning to write a kernel module which will sit below tcp and
intercept every incoming and outgoing packet(shud i say segment ?? ).
In order to do that i was taking a look at net/ipv4/tcp* files but the
code does hell lot of things and makes it hard for me to find my way
through it.
C
an somebody point me to correct place from where i should start ??
I havent learnt yet about tcp implementation in linux kernel. by TCP-IP
i mean those 2 protocols and not the complete suite.
Is thr good online documentation explaining this implementation.??

Also what am curios about is :
TCP-IP interface .. so how does TCP layer sends "segment" to IP and
receives sengment from IP. ??

Any help in this regard will be greatly appreciated ...The module you're intending to write may be already written.

Would you please tell what you're going to do with the intercepted
packets (if it's IP it's a packet, if it's TCP it's a segment).

The iptables module collection is pretty good in intercepting
and mangling the packets. If you nee link-level handling
(e.g. Ethernet), ebtables is the thing.

--

Tauno Voipio
tauno voipio (at) iki fi

.

Relevant Pages

  • Re: Serial (rs232 etc.) to IP
    ... >> corresponds to 100-1000 character times. ... >character packets when many common embedded TCP devices try to talk to ... If you are using a protocol that was initially written for serial line ...
    (comp.arch.embedded)
  • Re: Serial (rs232 etc.) to IP
    ... Some converters wait 10-100 ms after the last serial character received, before the (TCP or UDP) IP-frame is sent. ... character packets when many common embedded TCP devices try to talk to common desktop operating systems. ... If you are using a protocol that was initially written for serial line ...
    (comp.arch.embedded)
  • Re: paket size TCP
    ... > you have lots of protocol turnarounds. ... Eventually TCP will not be able ... opportunity to merge the data into fewer packets. ...
    (comp.os.linux.development.system)
  • Re: Serial (rs232 etc.) to IP
    ... TCP is a connection based protocol and as such it ensures that all data is ... There is no need to 'use' another protocol like Telnet if all you wish to do ... acknowledgement when the socket is first negotiated. ... >>>character packets when many common embedded TCP devices try to talk to ...
    (comp.arch.embedded)
  • Re: Socket help...
    ... >> You are going to have to give us more details of the protocol, ... > I think the packets are pretty simple; just one or two characters at a time. ... the "RST flag" is extremely ... TCP in some bizarre way, or are you talking about some higher-level ...
    (comp.lang.tcl)