kiran_cyberpro 05-22-2007 07:40 AM

Disable TCP/IP Stack from user-space

I am the author of the Open-Source Project: Traffic Squeezer
Refer project URL for more details:

For my project, I need my basic Linux box to run more like a transparent L2-bridge.

So, I want to disable the kernel-space TCP/IP stack from user-space.
A new kernel can be built with no TCP option,
but I want an option to disable it on a kernel which already has the
TCP/IP stack up, from my user-space application too, when needed at runtime,
through some ioctl() calls, etc.

Can anyone help me in this regard?

Rgds, Kiran. K

osor 05-22-2007 12:29 PM

I’m not sure if you can do this easily on a per-process basis (is that the question?). You can always unload the tcp module (if in fact tcp was built as a module). You might also try looking at some of the options given by sysctl.

osor 05-22-2007 08:06 PM

There is of course the counterintuitive approach of using additional networking functionality to disable normal networking functionality: netfilter. There are a few iptables matches/targets which might prove beneficial to you (e.g., the “owner” match that may deny or accept based on PID or UID). This still means the functionality is in the kernel, it just limits it.

kiran_cyberpro 05-22-2007 11:21 PM

Yep, customizing the kernel and adding the API would be the possible choice, only if I provide the complete embedded solution (with hardware), or a custom distribution or some patch along with my application code.

But, suppose the end-user (who may or may not know much about Linux OS stuff) has a fresh installation of any Linux distribution (Fedora, Ubuntu, SUSE, etc.).

With my code, without any hassles, I want him to just install and make use of this functionality.

Firewalls: well, that seems to be a good idea, if not forever, at least as a temporary fix. The reason behind this is that I don't want to burden the kernel with more processing by doing packet classification and filtering, and I want to avoid it to some extent.

rgds, Kiran. K

Matir 05-22-2007 11:54 PM

If you want to completely get rid of the network stack "on demand" on any kernel, would it not be sufficient to just take all interfaces down?

kiran_cyberpro 05-23-2007 12:04 AM

Hi Matir

I need the networking option very much, since the project is going to accept network traffic and process it at the Layer-2 level like a network bridge/switch. But I want to disable the TCP/IP stack from user-space.

rgds, Kiran

shenaidd 01-03-2009 07:36 AM

I am facing the same problem as mentioned by Kiran. Could you please suggest a solution?

