All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Sarbeswar Mohapatra" <Sarbeswar.Mohapatra@nethawkgroup.com>
To: <netfilter-devel@lists.netfilter.org>
Subject: Packet forwarding using netfilter
Date: Wed, 30 May 2007 22:15:43 -0500	[thread overview]
Message-ID: <003701c7a331$fa5b9760$9f0201c0@nethawk.fi> (raw)

Hi,
Can anybody help me, how to forward the incoming packets to another machine
using PRE_ROUTING hook (case-1 through the same interface the packet came
in, case-2 through a different interface).
In case of case-2, I tried turning on the ip forwarding option in (echo 1 >
/proc/sys/net/ipv4/ip_forward), but no luck. Basically the packet probably
gets discarded in ip_receive_finish function, but not sure.

Here is the sample code, where after receiveing the packet in the hook, the
ip address is changed (skb->nh.ip->saddr = xxx, skb->nh.ip->daddr = yyyy)
and the route is updated,
     struct flowi fl;

     fl.nl_u.ip4_u.daddr = xxx;
     fl.nl_u.ip4_u.saddr = yyy;
     fl.nl_u.ip4_u.tos = 5;

    (*skb)->nfcache |= NFC_IP_SRC;
    (*skb)->nfcache |= NFC_IP_DST;
    (*skb)->nfcache |= NFC_ALTERED;

    if (ip_route_output_key(&rt, &fl) < 0)
    {
        printk("No output route ...\n");
        return -1;
    }
    else
    {
        if ((*skb)->dst)
            dst_release((*skb)->dst);
        (*skb)->dst = dst_clone(&rt->u.dst);
        (*skb)->dev = rt->u.dst.dev;
        ip_rt_put(rt);
    }

Regards,
Sarbeswar

                 reply	other threads:[~2007-05-31  3:15 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='003701c7a331$fa5b9760$9f0201c0@nethawk.fi' \
    --to=sarbeswar.mohapatra@nethawkgroup.com \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.