Implementing Network Packet Capturing in Linux-3.5.7

Prasad Lakshman prasad.bl.emb at gmail.com
Wed Mar 13 09:25:16 EDT 2013


Hi,

I am trying to implement packet capturing in Linux-3.5.7.
I have the procedure which works in Linux-2.4 , will the same
procedure work on Linux-3.5.7

I am bit new to this , the procedure i am following is implementing
Netfilter hooks

 capture the packets at several points of path in TCP/IP protocol stack

NF_IP_PRE_ROUTING     1st hook
NF_IP_LOCAL_IN             2nd hook
NF_IP_FORWARD            3rd
NF_IP_POST_ROUTING    4th
NF_IP_LOCAL_OUT          5th

 Each hook is activated.

Kernel modules can register to listen at any of these hooks.

1.	NF_ACCEPT		.
2.	NF_DROP		        .
3.	NF_STOLEN		.
4.	NF_QUEUE		.
5.	NF_REPEAT		.

does this procedure work with the new kernel version also

now from user space i am going to use Libipq I for communicating with ip_queue.


Please someone let me know if i am missing something,


Regards,
Blprasad.



More information about the Kernelnewbies mailing list