Several questions about using netfilter
These days I am using netfilter to make a kernel module which behaves like a gateway. More exactly, this module runs on a machine that has two NICs: one connects to the internal network and the other connects to a router that can access the Internet. The module will inspect (and modify if necessary) the packets that come from one NIC, then transfer them to the other NIC.
I plan to add a hook function to NF_IP_PRE_ROUTING to do this.
Now I have several questions about writing my hook function, as listed below:
1. Inside the hook function, how could I know which NIC the packet comes from? Through the destination MAC address that is contained in the struct sk_buff?
2. For any ARP request, I want to give a reply with my own MAC (ARP spoofing). Which function should I use to send back an ARP reply? What is more, after sending out the reply, should my hook function return NF_STOLEN?
3. For some TCP/UDP packets, after modifying some fields (for example, the destination IP or port number), I want to forward them directly to the other NIC without passing them to the protocol stack and application. How can I achieve this? Again, should my hook function return NF_STOLEN?
Thanks in advance.
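The ARP-reply part of question 2, as an added example in the editor's voice and not code from the original post: a userspace build of the reply frame the hook would have to send back, including the check that the frame really is an IPv4-over-Ethernet ARP request before it is answered. The function name, the 10.0.0.x addresses and the 02:00:00:00:00:xx MACs are constructed for the example. The kernel-side steps mentioned in the comments are the usual approach rather than anything the post confirms: the reply bytes go into a freshly allocated sk_buff that is queued with dev_queue_xmit() on the device the request arrived on (that device is the hook's `in` argument, or `state->in` on current kernels), and the hook returns NF_STOLEN for the request it consumed.

```c
/* Added example (editor's, not from the original post): userspace model of the
 * ARP reply a hook would send for question 2. Kernel-only steps (sk_buff,
 * dev_queue_xmit(), NF_STOLEN) are only mentioned in comments. */
#include <stdint.h>
#include <string.h>

#define ETH_ALEN 6
#define ARP_FRAME_LEN 42  /* 14-byte Ethernet header + 28-byte IPv4 ARP body */
static const uint8_t MY_MAC[ETH_ALEN] = {2, 0, 0, 0, 0, 1};  /* constructed */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Build the ARP reply answering request frame `req` with `my_mac`. Returns -1 if
 * `req` is not an IPv4-over-Ethernet ARP request; those should be left to the
 * stack (NF_ACCEPT) rather than stolen. In the module the bytes would fill a fresh
 * sk_buff sent with dev_queue_xmit() on the ingress device, after which the hook
 * frees the request and returns NF_STOLEN. */
int build_arp_reply(const uint8_t *req, const uint8_t my_mac[ETH_ALEN],
                    uint8_t out[ARP_FRAME_LEN])
{
    const uint8_t *arp = req + 14;
    if (rd16(req + 12) != 0x0806) return -1;                   /* EtherType ARP */
    if (rd16(arp) != 1 || rd16(arp + 2) != 0x0800) return -1;  /* Ethernet, IPv4 */
    if (arp[4] != ETH_ALEN || arp[5] != 4) return -1;          /* hlen 6, plen 4 */
    if (rd16(arp + 6) != 1) return -1;                         /* opcode 1 = request */
    uint8_t *r = out + 14;
    memcpy(out, req + 6, ETH_ALEN);     /* Ethernet dst = requester's MAC */
    memcpy(out + 6, my_mac, ETH_ALEN);  /* Ethernet src = our MAC */
    wr16(out + 12, 0x0806);
    memcpy(r, arp, 8);                  /* htype, ptype, hlen, plen unchanged */
    wr16(r + 6, 2);                     /* opcode 2 = reply */
    memcpy(r + 8, my_mac, ETH_ALEN);    /* sender HW = our MAC: the spoofed answer */
    memcpy(r + 14, arp + 24, 4);        /* sender IP = the IP that was asked for */
    memcpy(r + 18, arp + 8, ETH_ALEN);  /* target HW = requester's MAC */
    memcpy(r + 24, arp + 14, 4);        /* target IP = requester's IP */
    return 0;
}

/* Worked run on a constructed request "who has 10.0.0.1? tell 10.0.0.2" from
 * 02:00:00:00:00:02; returns 1 when the reply claims 10.0.0.1 is at MY_MAC. */
int demo_arp_reply(void)
{
    static const uint8_t req[ARP_FRAME_LEN] = {
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 2, 0, 0, 0, 0, 2, 0x08, 0x06,  /* Ethernet */
        0, 1, 0x08, 0, 6, 4, 0, 1,                                         /* ARP header */
        2, 0, 0, 0, 0, 2, 10, 0, 0, 2,                                     /* sender */
        0, 0, 0, 0, 0, 0, 10, 0, 0, 1 };                                   /* target */
    uint8_t rep[ARP_FRAME_LEN];
    if (build_arp_reply(req, MY_MAC, rep) != 0) return 0;
    return rd16(rep + 20) == 2 && memcmp(rep, req + 6, ETH_ALEN) == 0 &&
           memcmp(rep + 22, MY_MAC, ETH_ALEN) == 0 && rep[31] == 1 && rep[41] == 2;
}

/* Frames that are not ARP requests must not be answered: an IPv4 frame gives -1. */
int demo_rejects_non_arp(void)
{
    uint8_t ipv4_frame[ARP_FRAME_LEN] = {0};
    uint8_t rep[ARP_FRAME_LEN];
    ipv4_frame[12] = 0x08; ipv4_frame[13] = 0x00;  /* EtherType IPv4, not ARP */
    return build_arp_reply(ipv4_frame, MY_MAC, rep) == -1;
}
```

Returning NF_STOLEN only makes sense after the hook has taken ownership of the request skb (sent it or freed it); for any frame the check above rejects, the hook should return NF_ACCEPT so the kernel's own ARP code still sees it.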
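For question 3, the caveat a practitioner wants before forwarding a modified packet: once the hook changes the destination IP or port, the IPv4 header checksum and the transport checksum (whose pseudo-header includes the destination IP) are stale, and the next hop or the peer drops the packet silently. The following is an added example in the editor's voice, not code from the post, of repairing both with the RFC 1624 incremental update in userspace. It assumes an IPv4 header without options and a UDP payload (for TCP the checksum field is at offset 16 of its header and is mandatory); the packet, addresses and function names are constructed for the example. In the module the same arithmetic would run on the skb data before the packet is queued on the other NIC with dev_queue_xmit().

```c
/* Added example (editor's, not from the original post): repair the IPv4 and UDP
 * checksums after a hook rewrites the destination IP and port (question 3).
 * Userspace model; assumes an IPv4 header without options. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Internet checksum of `n` bytes on top of `seed`; over a header that already holds
 * its checksum the result is 0, which is how results are verified below. */
static uint16_t csum16(const uint8_t *p, size_t n, uint32_t seed)
{
    uint32_t sum = seed;
    for (size_t i = 0; i + 1 < n; i += 2) sum += rd16(p + i);
    if (n & 1) sum += (uint32_t)p[n - 1] << 8;
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Full UDP checksum: pseudo-header (src IP, dst IP, proto 17, UDP length), then
 * UDP header and payload. */
static uint16_t udp_csum(const uint8_t *ip)
{
    size_t ulen = (size_t)rd16(ip + 2) - 20;
    uint32_t s = 17 + (uint32_t)ulen;
    for (int i = 12; i < 20; i += 2) s += rd16(ip + i);
    return csum16(ip + 20, ulen, s);
}

/* RFC 1624 incremental update when 16-bit word m becomes m2: HC' = ~(~HC + ~m + m2).
 * Cheaper than a recompute and needs no access to the payload. */
uint16_t csum16_update(uint16_t hc, uint16_t m, uint16_t m2)
{
    uint32_t sum = (uint32_t)(uint16_t)~hc + (uint16_t)~m + m2;
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Rewrite destination IP and UDP port in place and repair both checksums. */
void rewrite_ipv4_udp_dst(uint8_t *ip, const uint8_t new_dst[4], uint16_t new_dport)
{
    uint8_t *udp = ip + 20;
    uint16_t ipcs = rd16(ip + 10), udpcs = rd16(udp + 6);
    int udp_has_csum = udpcs != 0;       /* UDP checksum 0 means "not present" */
    for (int i = 0; i < 4; i += 2) {     /* dst IP = two 16-bit words at offset 16 */
        uint16_t old = rd16(ip + 16 + i), neu = rd16(new_dst + i);
        ipcs = csum16_update(ipcs, old, neu);
        if (udp_has_csum) udpcs = csum16_update(udpcs, old, neu);  /* pseudo-header */
        wr16(ip + 16 + i, neu);
    }
    if (udp_has_csum) udpcs = csum16_update(udpcs, rd16(udp + 2), new_dport);
    wr16(udp + 2, new_dport);
    wr16(ip + 10, ipcs);
    if (udp_has_csum) wr16(udp + 6, udpcs ? udpcs : 0xffff);  /* 0 would mean "none" */
}

/* Worked run on a constructed packet 10.0.0.2:40000 -> 10.0.0.1:53 carrying "ping",
 * redirected to 10.0.0.9:5353; the incrementally updated checksums are verified by
 * a full recompute. Returns 1 on success. */
int demo_rewrite(void)
{
    uint8_t pkt[32] = { 0x45, 0, 0, 32, 0x12, 0x34, 0x40, 0, 64, 17, 0, 0,   /* IPv4 */
                        10, 0, 0, 2, 10, 0, 0, 1,                             /* src, dst */
                        0x9c, 0x40, 0, 53, 0, 12, 0, 0, 'p', 'i', 'n', 'g' }; /* UDP */
    const uint8_t new_dst[4] = {10, 0, 0, 9};
    uint16_t uc = udp_csum(pkt);               /* fill in valid checksums first */
    wr16(pkt + 10, csum16(pkt, 20, 0));
    wr16(pkt + 26, uc ? uc : 0xffff);
    if (csum16(pkt, 20, 0) != 0 || udp_csum(pkt) != 0) return 0;
    rewrite_ipv4_udp_dst(pkt, new_dst, 5353);
    return csum16(pkt, 20, 0) == 0 && udp_csum(pkt) == 0 &&
           rd16(pkt + 22) == 5353 && pkt[19] == 9;
}
```

Inside the kernel the same update is available as csum_replace4() and inet_proto_csum_replace4() from include/net/checksum.h, which also handle skbs whose checksum is still to be offloaded to the NIC; the point of the userspace version is to show what those helpers must do and why the rewrite is not complete without them.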