* [LARTC] packet in the kernel
@ 2007-03-07 9:53 Simone84bo
2007-03-07 11:43 ` Rodolfo Brasnarof
0 siblings, 1 reply; 2+ messages in thread
From: Simone84bo @ 2007-03-07 9:53 UTC (permalink / raw)
To: lartc
Hi all,
Can someone say me the theoretic way of packet in the kernel.
When the packet will be send to a IMQ device?
When the packet arrives to post routing time?
When operation of NAT occur? befor or later that the packet will send to net
device?
Thanks
Bye
Simone
--
Email.it, the professional e-mail, gratis per te: http://www.email.it/f
Sponsor:
Problemi di Liquidità? Con Logos Finanziaria 30.000 € in 24 ore a
dipendenti e lavoratori autonomi con rimborsi fino a 120 mesi clicca qui
Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid)07&d 070307
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] packet in the kernel
2007-03-07 9:53 [LARTC] packet in the kernel Simone84bo
@ 2007-03-07 11:43 ` Rodolfo Brasnarof
0 siblings, 0 replies; 2+ messages in thread
From: Rodolfo Brasnarof @ 2007-03-07 11:43 UTC (permalink / raw)
To: lartc
[-- Attachment #1: Type: text/plain, Size: 949 bytes --]
On Wed, 7 Mar 2007 10:53:12 +0100
Simone84bo <simone84bo@email.it> wrote:
> Hi all,
> Can someone say me the theoretic way of packet in the kernel.
Perhaps this diagram can help you:
http://l7-filter.sourceforge.net/PacketFlow.png
I'll attach another one in asciiart I picked from somewhere (maybe
this list itself).
> When the packet will be send to a IMQ device?
> When the packet arrives to post routing time?
> When operation of NAT occur? befor or later that the packet will send
> to net device?
When loading imq module, my kernel says:
IMQ starting with 2 devices...
IMQ driver loaded successfully.
Hooking IMQ before NAT on PREROUTING.
Hooking IMQ after NAT on POSTROUTING.
This is the default option, but you can choose from all 4 options at
compile time:
CONFIG_IMQ=m
# CONFIG_IMQ_BEHAVIOR_AA is not set
# CONFIG_IMQ_BEHAVIOR_AB is not set
CONFIG_IMQ_BEHAVIOR_BA=y
# CONFIG_IMQ_BEHAVIOR_BB is not set
[-- Attachment #2: packetflow.txt --]
[-- Type: text/plain, Size: 4945 bytes --]
Kernel Packet Traveling Diagram
Network
-----------+-----------
|
+--------------------------+
+-------+-------+ +---------+---------+
| IPCHAINS | | IPTABLES |
| INPUT | | PREROUTING |
+-------+-------+ | +-------+-------+ |
| | | conntrack | |
| | +-------+-------+ |
| | | mangle | | <- MARK WRITE
| | +-------+-------+ |
| | | IMQ | |
| | +-------+-------+ |
| | | nat | | <- DEST REWRITE
| | +-------+-------+ | DNAT or REDIRECT or DE-MASQUERADE
| +---------+---------+
+------------+-------------+
|
+-------+-------+
| QOS |
| INGRESS |
+-------+-------+
|
packet is for +-------+-------+ packet is for
this machine | INPUT | another address
+--------------+ ROUTING +--------------+
| | + PDBB | |
| +---------------+ |
+-------+-------+ |
| IPTABLES | |
| INPUT | |
| +-----+-----+ | |
| | mangle | | |
| +-----+-----+ | |
| | filter | | |
| +-----+-----+ | |
+-------+-------+ |
| +---------------------------+
+-------+-------+ | |
| Local | +-------+-------+ +-------+-------+
| Process | | IPCHAINS | | IPTABLES |
+-------+-------+ | FORWARD | | FORWARD |
| +-------+-------+ | +-----+-----+ |
+-------+-------+ | | | mangle | | <- MARK WRITE
| OUTPUT | | | +-----+-----+ |
| ROUTING | | | | filter | |
+-------+-------+ | | +-----+-----+ |
| | +-------+-------+
+-------+-------+ | |
| IPTABLES | +---------------------------+
| OUTPUT | |
| +-----------+ | |
| | conntrack | | |
| +-----+-----+ | |
| | mangle | | <- MARK WRITE |
| +-----+-----+ | |
| | nat | | <-DEST REWRITE |
| +-----+-----+ | DNAT or REDIRECT |
| | filter | | |
| +-----+-----+ | |
+-------+-------+ |
| |
+----------------------+----------------------+
|
+------------+------------+
| |
+-------+-------+ +---------+---------+
| IPCHAINS | | IPTABLES |
| OUTPUT | | POSTROUTING |
+-------+------- | +-------+-------+ |
| | | mangle | | <- MARK WRITE
| | +-------+-------+ |
| | | nat | | <- SOURCE REWRITE
| | +-------+-------+ | SNAT or MASQUERADE
| | | IMQ | |
| | +-------+-------+ |
| +---------+---------+
+------------+------------+
|
+------+------+
| QOS |
| EGRESS |
+------+------+
|
-----------+-----------
Network
[-- Attachment #3: Type: text/plain, Size: 143 bytes --]
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-03-07 11:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-03-07 9:53 [LARTC] packet in the kernel Simone84bo
2007-03-07 11:43 ` Rodolfo Brasnarof
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.