ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi all,
I have encountered some issues regarding to netfilter hooks. My intention is to monitor the traffic and make a skb_copy() call on the specific packets. Because i need to modify the content. After modification process, i need to send this new skb out as usual. However,i couldn't do so by calling skb_queue_head(). is there any tutorials on this subject?
Thanks for the link,orgcandman.
As i understand, dev_queue_xmit() will put the skb into queue of network card to wait for transmitting out. does it mean the skb will skip ANY other hook points?(NF_IP_LOCAL_IN,etc),because the hook is registered in NF_IP_PRE_ROUTING.
new_skb = skb_copy(old_skb, GFP_ATOMIC);
.
.
modification process on the new_skb
.
.
if(new_skb){
kfree_skb(*skb);
*skb = new_skb
return NF_ACCEPT;
}
Basically, the original *skb points to the new_skb and return NF_ACCEPT. I use another hook in NF_IP_LOACAL_IN to detect the modified packets, so it works.
However I hope there are further discussion on how to generate and insert more than one skb into list for delivery?
new_skb = skb_copy(old_skb, GFP_ATOMIC);
.
.
modification process on the new_skb
.
.
if(new_skb){
kfree_skb(*skb);
*skb = new_skb
return NF_ACCEPT;
}
Basically, the original *skb points to the new_skb and return NF_ACCEPT. I use another hook in NF_IP_LOACAL_IN to detect the modified packets, so it works.
However I hope there are further discussion on how to generate and insert more than one skb into list for delivery?
Yes it works, Thanks
But I should comment kfree_skb(*skb); when I uncomment kfree_skb(*skb); my OS hangs.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
