Linux Routers working

Linux Routers working

[cranium2003]

Hello,
        Is there any way on linux routers to know on
which interface packet is forwarded before actually
packet trasmission begins? Also before packet
processed by IP layer can it be possible to know from
which adjecent Router'IP packet came to that router?
regards,
cranium


		
__________________________________ 
Yahoo! Mail Mobile 
Take Yahoo! Mail with you! Check email on your mobile phone. 
http://mobile.yahoo.com/learn/mail 

Linux Routers working

[cranium2003]

 Hello,
        Is there any way on linux routers to know on
which interface packet is forwarded before actually
packet trasmission begins? Also before packet
processed by IP layer can it be possible to know from
which adjecent Router'IP packet came to that router?
regards,
cranium


		
__________________________________ 
Yahoo! Mail Mobile 
Take Yahoo! Mail with you! Check email on your mobile phone. 
http://mobile.yahoo.com/learn/mail 

Re: Linux Routers working

[Jonas Berlin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Quoting cranium2003 on 2005-05-13 04:15 UTC:
>         Is there any way on linux routers to know on
> which interface packet is forwarded before actually
> packet trasmission begins?

In the FORWARD table you know both the incoming and outgoing interface:

This will match packets coming in from eth0 and going out on eth1:

iptables -A FORWARD -i eth0 -o eth1 ...

> Also before packet
> processed by IP layer can it be possible to know from
> which adjecent Router'IP packet came to that router?

No, but the MAC address is available. You just have to find out what the
mac address of the router in question and do:

iptables -A INPUT -m mac --mac-source 01:23:45:67:89:AB ...

- --
- - xkr47
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFChDoExyF48ZTvn+4RAsN5AJwPHokkgN2tnHTiA0skEJqT3x72BACgnPdp
Szvrqa0td9onDdsoNDw19Zw=
=gp/k
-----END PGP SIGNATURE-----

Re: Linux Routers working

[cranium2003]

--- Jonas Berlin <xkr47@outerspace.dyndns.org> wrote:
> Quoting cranium2003 on 2005-05-13 04:15 UTC:
> >         Is there any way on linux routers to know
> on
> > which interface packet is forwarded before
> actually
> > packet trasmission begins?
> 
> In the FORWARD table you know both the incoming and
> outgoing interface:
> 
> This will match packets coming in from eth0 and
> going out on eth1:
> 
> iptables -A FORWARD -i eth0 -o eth1 ...
> 
   Can i get that information thru' C program
user/kernel mode netfilter program? Because you have
given the rule to forward packet but what if Router
have 3 or 4 NIC network interfaces? I want to print
somrthing like LOG that prints that packet has srcip
and dstip and is going through eth0/eth1/eth2/eth3.
 
> > Also before packet
> > processed by IP layer can it be possible to know
> from
> > which adjecent Router'IP packet came to that
> router?
> 
> No, but the MAC address is available. You just have
> to find out what the
> mac address of the router in question and do:
> 
> iptables -A INPUT -m mac --mac-source
> 01:23:45:67:89:AB ...
       No suppose i have no info about adjecent
routers mac addresses and when packet came at
destination Router at Link layer/IP layer can i
determine from which router the packet came to
destination router?
regards,
cranium


		
Discover Yahoo! 
Get on-the-go sports scores, stock quotes, news and more. Check it out! 
http://discover.yahoo.com/mobile.html

Re: Linux Routers working

[James R. Leu]

[-- Attachment #1: Type: text/plain, Size: 878 bytes --]

On Thu, May 12, 2005 at 09:16:23PM -0700, cranium2003 wrote:
>  Hello,
>         Is there any way on linux routers to know on
> which interface packet is forwarded before actually
> packet trasmission begins? Also before packet
> processed by IP layer can it be possible to know from
> which adjecent Router'IP packet came to that router?
> regards,
> cranium

I think the OUTPUT chain in iptables already knows what the outbound
interface is, so you could make a decision based on that.

I think you can use the mac target in the PREROUTING chain to get access
to the source MAC address.

I think all of your answers are in iptables.


> 
> 
> 		
> __________________________________ 
> Yahoo! Mail Mobile 
> Take Yahoo! Mail with you! Check email on your mobile phone. 
> http://mobile.yahoo.com/learn/mail 

-- 
James R. Leu
jleu@mindspring.com

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: Linux Routers working

[Jonas Berlin]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Quoting cranium2003 on 2005-05-13 06:09 UTC:
>> iptables -A FORWARD -i eth0 -o eth1 ...
> 
> Can i get that information thru' C program user/kernel mode netfilter
> program? Because you have given the rule to forward packet but what
> if Router have 3 or 4 NIC network interfaces? I want to print 
> somrthing like LOG that prints that packet has srcip and dstip and is
> going through eth0/eth1/eth2/eth3.

In the kernel it's surely available.. In userspace, ULOG might give the
information, I'm not sure..

>>> Also before packet processed by IP layer can it be possible to
>>> know from which adjecent Router'IP packet came to that router?
>> 
>> No, but the MAC address is available. You just have to find out
>> what the mac address of the router in question and do:
>> 
>> iptables -A INPUT -m mac --mac-source 01:23:45:67:89:AB ...
> 
> No suppose i have no info about adjecent routers mac addresses and
> when packet came at destination Router at Link layer/IP layer can i 
> determine from which router the packet came to destination router?

Well the mac address is the only way to tell which adjecent router the
packet came from. You could use the arp table to determine the ip of
that router.

- --
- - xkr47
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCoW+axyF48ZTvn+4RAq5VAKCv+U09k0cWZ1zsnvqXsGKG/T46ewCgk5bf
d7dlNXN7WYET32UTyH8VVVA=
=G2Nt
-----END PGP SIGNATURE-----