Re: [libipq] owner of packet, possible patch

[Eric Leblond <eric@inl.fr>]

[-- Attachment #1: Type: text/plain, Size: 1529 bytes --]

Le mardi 06 mars 2007 à 16:39 +0100, Jack Bauer a écrit :
> Hi,
> 
> I'm a student in computer science and for my master thesis i have to
> handle packets in a userspace queue. Libipq works fine for me, except
> one information which is missing: the owner of a (transmitted) packet.

ipqueue is deprecated in favor of libnetfilter_queue and I'm quiet sure
that no new functionnalities will be pushed to upstream. You may try to
port this to libnetfilter_queue and send your patch to netfilter-devel.

> With the following two additional lines, the problem seems to be solved:
> 
> in file
>    include/linux/netfilter_ipv4/ip_queue.h
> in
>    typedef struct ipq_packet_msg_t
> line 33 add:
> 
>         unsigned int uid;               /* uid of packet owner*/
> 
> 
> in file
>    net/ipv4/netfilter/ip_queue.c
> line 249 add:
> 
>         pmsg->uid             = entry->skb->sk->sk_socket->file->f_uid;

I don't think this information will be available for non-local packet
(What happens if you queue a packet in FORWARD chain ?). You need at
least to protect the assignement.

> Initial tests have been successful and are showing the correct uid in
> ipq_packet_msg_t in userspace. Please tell me, what you think about
> this modification.
> 
> Since I found some other people who are looking for the same
> information, i wonder if there is a possibility to include the uid
> field officially in the source of netfilter?!

Don't think so.

BR,
-- 
Eric Leblond <eric@inl.fr>
INL

[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 189 bytes --]