Hello everyone,

I am working on a kernel module that would situate on a router between two machines in a intranet.

Basically I don't want the client know the server but my router.
The router is reponsible for forwading packets to the server and send resopnse to client from the server transparently.

Now I simply finishing 'fowarding ' by netfilter in 'Pre_route' hook. ( Modifing my_ipheader->daddr in receiving client or server packets).

The new feaures I am going to add is buffering on the router.
I am thinking of establish a kernel socket in a separate thread in the router, then when I catch the packet from client or server in netfilter, I would modify the my_ipheader->daddr to the real address of the router, in which the kernel socket would handle and buffering the packets.

yet I am not quite sure about the following issues:

1. Do I have to handle things in Post-route hook ? My module currently works good in forwarding (since my router is not really forwarding anything besides packets from the client and the server). I am not sure whether there are some potential issues there.

2. For the kernel socket, if I establish one, would it receive packets that between pre_route hook and post_route hook ? (After pre_local_in and before post_local_in)


I know this could somewhat be done with user-level socket but I really like to test netfilter and kernel socket.

Any idea is well appreciated,


Thanks,

-Kun