Looking for small Confirmation about skb_pull & NF_ACCEPT !!!
Kesava Srinivas
vunnavafuture at gmail.com
Mon Apr 2 04:42:51 EDT 2012
HI Friends,
Looking for a Confirmation on my analysis.
Once after Capturing the Socket Buffer in PRE_ROUTING Hook; Manipulated the
Socket Buffer by using the "skb_pull" Kernel Function. Using skb_pull;
stripped 28 bytes (IP+UDP) which are the Part of outer UDP/IP Header. Now;
My intention was to route the skb based on the Inner IP Header which is
sitting after stripping 28 bytes. At the END; returned NF_ACCEPT.
Even though; skb_pull worked Fine., Kernel's Stack is still looking in to
Outer Header only for Routing the Packet.I expected ;Kernel will look the
Inner Header (As data Pointer was incremented by 28 bytes via skb_pull) and
Take decision based on the Inner one. But; that didn't happened. It looks
to me like; we need to always use NF_STOLEN & should write our own code to
route based on the INNER HEADER. Was my conclusion correct ??
-Thanks in Advance,
VKS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20120402/bd25fbec/attachment.html
More information about the Kernelnewbies
mailing list