what is the function?

wangjinyi · 11-04-2005, 02:12 AM

when you look in the source code of linux kernel, you can see
that skb->dst->output(skb) will be invoke after NF_HOOK.

but, i can't find the function exactly.

where the func is ,and how to find it.

thx

paulsm4 · 11-05-2005, 12:48 AM

Hi -

SUGGESTION:

The "id-utils" tools can be ENORMOUSLY helpful for finding stuff in large code bases - it's a bit like having your own private "google" for a source tree:

http://directory.fsf.org/GNU/idutils.html

All you have to do to use it is:

1) Install the GNU "id-utils" on your system (if it's not already there)
2) cd to your toplevel directory (e.g. "/usr/src/linux") and run "mkid" (no arguments, nothing special)
3) Whever you want to look up a function, variable name, constant, struct definition - just run "gid <NAME> | grep <FILTER>"

In this case:

cd /usr/src/linux-2.6.11.4-20a
gid NF_HOOK|less
include/linux/netfilter.h:156:#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \
... <= MANY OTHER HITS: BUT THIS LINE IS OUR "BINGO!"

or:
gid output|grep skb|less

include/net/dst.h:228: err = skb->dst->output(skb);
net/bridge/br_netfilter.c:160: * skb->dst->output() which will make the packet enter br_nf_local_out()
net/bridge/br_netfilter.c:200: skb->dst->output(skb);
net/ipv4/ip_output.c:217: return dst->neighbour->output(skb);
net/ipv6/ip6_output.c:89: return dst->neighbour->output(skb);

And, finally, we look at line 160 in source file "net/bridge/br_netfilter" (as in "Bridge Netfilter"), and we see:

Quote:

* If skb->dst->dev equals the logical bridge device the packet
* came in on, we can consider this bridging. We then call
* skb->dst->output() which will make the packet enter br_nf_local_out()
* not much later. In that function it is assured that the iptables
* FORWARD chain is traversed for the packet.

wangjinyi · 11-06-2005, 06:41 PM

so many thans to you.

but, i don't think so. the output is a pointer of a function.
and, what the pointer point to exactly should be exposed
clearly.

in my opinion, for different struct dst_entry the pointer will
point to different function. because, after the NF_HOOK
NF_IP_LOCAL_OUT, the packet maybe will be passed to route
process or other functions which can invoke the NF_HOOK
NF_IP_POST_ROUTING, and no NF_IP_FORWARD will be
invoked, so i think, we should find the exactly source code
where the callback function be registered for pointer output.

but, it is a little more difficult for me. i try it for two days but ...

wangjinyi · 11-06-2005, 08:08 PM

Hi, i have find the function used. that is the ip_output(struct sk_buff*) in
ip_output.c.