Jan Engelhardt wrote:
> while writing a netfilter match module I found that, when run,
> skb->h.th is not set to the TCP header (it is assured that the packet
> _is_ TCP), as this printk shows me:
>
> skb: h.th=cb5bc4dc nh.iph=cb5bc4dc mac.raw=cb5bc4ce head=cb5bc400
> data=cb5bc4dc tail=cb5bc510 end=cb5bc580
>
> Is it intended that skb->h.th is not set to skb->data + length of ip
> header (skb->data+protoff as far as netfilter matches are concerned)?
The netfilter hooks are placed in the network layer, therefore skb->h.th
is not set in the input path since the packet did not reach the
transport layer yet (prerouting/input), but it is set in the output path
because it already passed by the transport layer (output/postrouting).
BTW, I'm unsure that this can be of interest in the linux-kernel list,
please there's no need to cc everyone. Use netfilter or linux-net
instead next time.
--
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
