From: Thomas Mader <thezema@gmail.com>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: remove connections notification by conntrack?
Date: Sun, 15 Oct 2006 15:01:19 +0200 [thread overview]
Message-ID: <200610151501.28715.thezema@gmail.com> (raw)
In-Reply-To: <4516A577.7080802@netfilter.org>
[-- Attachment #1: Type: text/plain, Size: 4453 bytes --]
Hi Pablo,
we figured out what the problem was some time ago, sorry for the delay. We
forgot to put it back as you said earlier.
We want to publish our code soon here on the mailinglist to finish this topic
and to help others with our code as an example but we don't find out how to
send ICMP packets from kernelspace.
Maybe you or somebody else could point us to some code example or something so
we can implement it? We searched the kernel code and the net for examples but
we wasn't successful at finding working examples.
We want to send an ICMP echo request to the destination of the UDP flows and
measure the round-trip-time with the returning echo reply.
Here is something of what we tried to send such a request.
struct sk_buff *buf;
struct iphdr* iph = (struct iphdr*)kmalloc(sizeof(struct iphdr),
GFP_KERNEL);
struct icmphdr* icmph = (struct icmphdr*)kmalloc(sizeof(struct
icmphdr), GFP_KERNEL);
if (!iph || !icmph)
printk("Could not allocate iph or icmph\n");
buf = alloc_skb(sizeof(struct iphdr) + sizeof(struct icmphdr)+
2*(skb->dev->addr_len+4)
+ LL_RESERVED_SPACE(skb->dev),
GFP_ATOMIC);
//buf = dev_alloc_skb(sizeof(struct iphdr) + sizeof(struct icmphdr));
if(!buf)
printk("error\n");
skb_reserve(buf, LL_RESERVED_SPACE(skb->dev));
buf->nh.iph = buf->data;
icmph = (struct icmphdr *) skb_put(buf,sizeof(struct iphdr) +
sizeof(struct icmphdr) + 2*(skb->dev->addr_len+4));
buf->dev = skb->dev;
buf->protocol = htons(ETH_P_IP);
buf->sk = skb->sk;
icmph->type = ICMP_ECHO; //8
icmph->code = ICMP_ECHO; //0
icmph->checksum = 0;
icmph->un.echo.id = connection_id;
icmph->un.echo.sequence = 0;
iph->version = 4;
iph->ihl = 5;
iph->tos = 0;
iph->tot_len = sizeof(struct iphdr) + sizeof(struct icmphdr);
iph->id = htons(0);
iph->frag_off = 0;
iph->ttl = 64;
iph->protocol = IPPROTO_ICMP;
// iph->check //in_cksum((unsigned short *)ip, sizeof(struct iphdr));
iph->saddr = skb->nh.iph->daddr;
iph->daddr = skb->nh.iph->saddr;
// buf.mac.raw =
// buf.cb = NULL;
buf->h.icmph = icmph;
buf->nh.iph = iph;
p->echo_request = 1;*/
//TODO send ICMP echo request
// We are getting a warning for the first arg here, dunno why
//icmp_send(buf, 8, 0, 0);
//icmp_send(buf, ICMP_ECHO , ICMP_ECHO , 0);
skb->sk = icmp_socket->sk;
icmp_send(skb, ICMP_ECHO, ICMP_ECHO, 0);
//kfree(buf);
//kfree(iph);
//kfree(icmph);
best regards,
Thomas
On Sunday 24 September 2006 17:34, you wrote:
> Thomas Mader wrote:
> > On Sunday 24 September 2006 05:10, Pablo Neira Ayuso wrote:
> >> events & IPCT_DESTROY
> >>
> >>> printk("We have been notified that connection %d was deleted!\n",
> >>> ct->id); }
> >>>
> >>> return 0;
> >>> }
> >>>
> >>>
> >>> static struct notifier_block ctnl_notifier = {
> >>> .notifier_call = ipaddr_conntrack_event,
> >>> };
> >>>
> >>>
> >>> static int __init init(void)
> >>> {
> >>> int ret;
> >>> need_conntrack();
> >>> ret = ip_conntrack_register_notifier(&ctnl_notifier);
> >>> if (ret < 0) {
> >>> printk("ipaddr_init: cannot register notifier.\n");
> >>> goto err_unreg_notifier;
> >>> }
> >>> //ip_conntrack_destroyed = destroyed_connect;
> >>>
> >>> printk(KERN_CRIT "init!\n");
> >>> return ipt_register_match(&ipaddr_match);
> >>>
> >>> err_unreg_notifier:
> >>> ip_conntrack_unregister_notifier(&ctnl_notifier);
> >>> return 1;
> >>> }
> >>>
> >>> But the problem remains the same. It works for TCP and I get properly
> >>> notified about those but not about UDP.
> >>
> >> Try with what I told you above and let me know if it works
> >
> > No it doesn't. I tried "events & IPCT_DESTROY" already and it didn't
> > work. Now I tested it once again with same result.
>
> Works fine here with the toy module attached:
>
> Sep 24 17:30:52 Decadence kernel: protonum=17
> Sep 24 17:31:26 Decadence last message repeated 2 times
> Sep 24 17:31:47 Decadence kernel: protonum=6
[-- Attachment #2: Type: application/pgp-signature, Size: 827 bytes --]
next prev parent reply other threads:[~2006-10-15 13:01 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-09-22 11:59 remove connections notification by conntrack? Thomas Mader
2006-09-22 12:58 ` Pablo Neira Ayuso
2006-09-22 13:19 ` Thomas Mader
2006-09-22 15:00 ` Pablo Neira Ayuso
2006-09-23 9:23 ` Thomas Mader
2006-09-24 3:10 ` Pablo Neira Ayuso
2006-09-24 9:51 ` Thomas Mader
2006-09-24 15:34 ` Pablo Neira Ayuso
2006-10-15 13:01 ` Thomas Mader [this message]
2006-10-15 16:11 ` Pablo Neira Ayuso
2006-10-15 17:03 ` Thomas Mader
2006-09-25 17:12 ` Alan Ezust
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200610151501.28715.thezema@gmail.com \
--to=thezema@gmail.com \
--cc=netfilter-devel@lists.netfilter.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.