Re: How to re-send out the packets captured by my hook function at NF_IP_PRE_ROUTING

Thanks for your reply, Srinivas!

But maybe I failed to describe the problem that I am facing. It's ture
as you said that I have a module, which registers  a function to a
netfilter hook. Whenever there is an incoming packet, the function
could catch it and make some changes to it : wrap it in a new iphdr,
change the src and dst ip, etc. This is what I've done.

Now a problem comes that, how do I send it out directly? -- By
'directly', I mean to do it just in the kernel space, not first
passing it to a userspace application(thru NF_QUEUE like you said, or
netlink socket, anyway) and then let the application send it out.

The difficulty is that, since I changed the src and dst ip, the mac
address information is totally unavailable. That may be able to
explain the reason why I used skb->dev->hard_start_xmit(...) and then
the kernel crashed.

Is there any way to achieve my goal? Or that is mission impossible?

Wish I've explained clearly enough.

Many thanks for your help indeed!

Best regards,
Gu, Xinxing



2006/4/27, Srinivas G. <[email protected]>:
>
> > I've read what you mentioned and since I've done most of the work in
> > kernelspace, I wonder if there is any way to send out the modified
> > packet directly, when of course the mac address is not filled?
>
> I am trying to understand your current situation. So you have a kernel
> module that is subscribed to a certain netfilter hook and as a result
> starts
> receiving packets; and now you want to pass these packets from your
> kernel
> module to a userspace application? Is this correct?
>
> If this is your current situation, you should issue a NF_QUEUE verdict
> for
> arriving packets in your kernel module to queue the packets to
> userspace.
> Subsequently, you will need to create a user space application to
> receive the queued packets and run it. You can use libipq to write a
> userspace
> application that will accept queued packets. See the man page of libipq
> for
> more information on how to do this (the man page contains a fully
> working
> example).
>
> Regards,
> Srinivas G
>
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Prev by Date: 2.6.17-rc2-mm1: ACPI_DOCK=n, HOTPLUG_PCI_ACPI=y compile error
• Next by Date: Re: Simple header cleanups
• Previous by thread: Re: How to re-send out the packets captured by my hook function at NF_IP_PRE_ROUTING
• Next by thread: [PATCH] cpufreq {d,}printk adjustments
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]