Priorities on Netfilter hook and kernel socket
Hello everyone,
I am working on a kernel module that would situate on a router between two machines in a intranet.
Basically I don't want the client know the server but my router.
The router is reponsible for forwading packets to the server and send resopnse to client from the server transparently.
Now I simply finishing 'fowarding ' by netfilter in 'Pre_route' hook. ( Modifing my_ipheader->daddr in receiving client or server packets).
The new feaures I am going to add is buffering on the router.
I am thinking of establish a kernel socket in a separate thread in the router, then when I catch the packet from client or server in netfilter, I would modify the my_ipheader->daddr to the real address of the router, in which the kernel socket would handle and buffering the packets.
yet I am not quite sure about the following issues:
1. Do I have to handle things in Post-route hook ? My module currently works good in forwarding (since my router is not really forwarding anything besides packets from the client and the server). I am not sure whether there are some potential issues there.
2. For the kernel socket, if I establish one, would it receive packets that between pre_route hook and post_route hook ? (After pre_local_in and before post_local_in)
I know this could somewhat be done with user-level socket but I really like to test netfilter and kernel socket.
Any idea is well appreciated,
Thanks,
-Kun
Last edited by Kunsheng; 05-01-2009 at 12:14 PM.
|