Netfilter and IPPROTO_RAW

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Paul Rolland" <rol@as2917.net>
To: <netfilter-devel@lists.netfilter.org>
Cc: <rol@as2917.net>
Subject: Netfilter and IPPROTO_RAW
Date: Tue, 19 Nov 2002 20:02:40 +0100	[thread overview]
Message-ID: <00ba01c28ffe$3bc9a0d0$6a00a8c0@witbe> (raw)

Hello,

I hope my question is not completely stupid....

I've read most of the documentation I can find related to Netfilter
in Kernel 2.4, and thru that, I now have a quite good idea of how to
use it...

My question is : at which place in the kernel does the Netfilter
code interact ?

I've a machine with more than one interface, and different default
routes.
To manage this, I have installed some rules :

/sbin/ip rule add from "IP.int.1" table eth1
/sbin/ip route add default via "IP.gw.1" dev eth1 table eth1

/sbin/ip rule add from "IP.int.2" table eth2
/sbin/ip route add default via "IP.gw.2" dev eth2 table eth2

This is supposed to route packets based on the source IP of the
packet, and throw it directly to the correct interface.

My problem is that one of the program we are using is sending
its packets to a socket that has been created by :
theSocket = socket(PF_INET, SOCK_RAW, IPPROTO_RAW);
and it seems from all the tests I've conducted that these packets
are bypassing all the rules aboved mentionned...

Is there a way to interact on packets sent to such a socket ?

Thanks for your help,
Regards,

Paul Rolland, rol@as2917.net

next             reply	other threads:[~2002-11-19 19:02 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-11-19 19:02 Paul Rolland [this message]
2002-11-24  9:55 ` Netfilter and IPPROTO_RAW Patrick Schaaf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='00ba01c28ffe$3bc9a0d0$6a00a8c0@witbe' \
    --to=rol@as2917.net \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.