LinuxQuestions.org - ebtables : Changing destination MAC address using kernel modules

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - ebtables : Changing destination MAC address using kernel modules (https://www.linuxquestions.org/questions/linux-networking-3/ebtables-changing-destination-mac-address-using-kernel-modules-937385/)

ebtables : Changing destination MAC address using kernel modules

Hey there!
So I have been working on directing my outgoing traffic to different computers in my LAN. So to begin with, I need to change the address of outgoing packets. Which I am doing in ebtable NAT OUTPUT(NF_BR_LOCAL_OUT) hook, belonging to the NFPROTO_IPV4 family.
Also I am using the following code:

Code:

#include <generated/autoconf.h>

#include <linux/module.h>

#include <linux/kernel.h>

#include <linux/string.h>

#include <linux/skbuff.h>

#include <linux/types.h>

#include <linux/netfilter_ipv4.h>

#include <linux/netfilter_bridge.h>

#include <linux/socket.h>

#include <linux/netfilter.h>



struct nf_hook_ops hook_ex;



unsigned int function_hook( unsigned int hook, struct sk_buff **pskb, const 

struct net_device *in,

                            const struct net_device *out, int (*okfn)(struct sk_buff *))

{

        

char a[] = { 0x00, 0x24, 0x21, 0x03, 0xd4, 0x31};

printk("changing IP dst address in %s\n", __FUNCTION__);

if (skb_shared(*pskb) || skb_cloned(*pskb)) {

struct sk_buff *nskb;

 printk("in if if (skb_shared(*pskb) || skb_cloned(*pskb)) \n");



nskb = skb_copy(*pskb, GFP_ATOMIC);

if (!nskb)

return NF_DROP;

if ((*pskb)->sk)

skb_set_owner_w(nskb, (*pskb)->sk);

kfree_skb(*pskb);

*pskb = nskb;

}

memcpy(eth_hdr(*pskb)->h_dest, a, ETH_ALEN);

return NF_ACCEPT;

}



static int __init init(void)

{

  // hook

  hook_ex.list.next = NULL;

  hook_ex.list.prev = NULL;

  hook_ex.hook = function_hook;

  //  hook_ex.list.flush = NULL;

  hook_ex.pf = NFPROTO_IPV4;

  hook_ex.hooknum = NF_BR_LOCAL_OUT;

        printk(KERN_INFO "[CCD] Successfully inserted module into kernel.\n");

  return nf_register_hook(&hook_ex);

}



static void __exit fini(void)

{

  nf_unregister_hook(&hook_ex);

        printk(KERN_INFO "[CCD] Successfully unloaded module.\n");

}



module_init(init);

module_exit(fini);

But when I insert the module my system hangs. And i need to reboot each time. Making debugging very tough (not that i could do much either ways :P)
So here it is. So any ideas guys?

Digvijay

Most probably lack of promisc on NIC which is supposed to send this traffic, or your NIC isn't able to do so.
P.S. What debugging? You have no debugging in this modules!

Quote:

Originally Posted by WizadNoNext (Post 4641312)

Most probably lack of promisc on NIC which is supposed to send this traffic, or your NIC isn't able to do so.
P.S. What debugging? You have no debugging in this modules!

Hmm, it was worth a try. I did that. But no use. Still got hung. So I am still looking up the forum, and googling to find something useful.

Digvijay
PS: No debugging here.

Actually it could be hunging on atomic operations. It is worth checking. AFAIK atomic operation would turn off interrupts, so you should check, if it is reason.

Actually I have read your first post again and I can answer you, that all your code is completely needless. All what you have to do is to change destination MAC either in ARPtables or EBtables (EBtables only if you are sending this packet by bridge)