Netfilter kernel module hook at PREROUTING forward packet use ip_forward(sk_buff)
hi all
a netfilter kernel module hoot at PREROUTING
and forward packet
---------------------------
......
decide outgoing path
......
ip_forward(sk_buff)
return NF_STOLEN
--------------------------
iptables -t mangle -A FORWARD -s 192.168.1.0 -j MARK --set-mark 0xa
traffic never match rule in FORWARD chain
any function can make traffic through FORWARD chain
thanks for any advice
|