Re: Inbound packet buffering

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Pablo Neira <pablo@eurodev.net>
To: Doug SC <dougsc@yahoo.com>, netfilter-devel@lists.netfilter.org
Subject: Re: Inbound packet buffering
Date: Mon, 19 Jan 2004 15:39:12 +0100	[thread overview]
Message-ID: <400BEC10.8030503@eurodev.net> (raw)
In-Reply-To: <20040119143454.34247.qmail@web11610.mail.yahoo.com>

Hi doug!

Doug SC wrote:

>Good Morning.
>
>I have a kernel driver which has registered for
>inbound packets.
>
>nf_register_hook(...NF_IP_PRE_ROUTING...)
>
>I am looking to take action on certain UDP ports on
>packets which may exceed MTU.  I see the fragmented
>packets at this hook and since I can't be certain of
>the order of receipt I need to buffer packets until I
>receive the fragment which contains the ports.
>  
>
If you understood well, you don't want to work with fragmented packets 
anymore or you look for an easy way to handle them, do you?

I have two ideas:

a) load the ip_conntrack module for connection tracking, it gathers all 
the fragments in the NF_IP_PRE_ROUTING hook and fragment them again in 
the NF_IP_POST_ROUTING. So you could register your hook in the 
NF_IP_FORWARD hook instead of  the NF_IP_PRE_ROUTING hook and you won't 
be working with fragmented packets anymore, the conntrack will do that 
work for you.

b) use the same code as ip_conntrack does:

http://lxr.linux.no/source/net/ipv4/netfilter/ip_conntrack_core.c#L826
http://lxr.linux.no/source/net/ipv4/netfilter/ip_conntrack_standalone.c#L201

cheers,
Pablo

next prev parent reply	other threads:[~2004-01-19 14:39 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-01-19 14:34 Inbound packet buffering Doug SC
2004-01-19 14:39 ` Pablo Neira [this message]
2004-01-21 14:22 ` Harald Welte

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=400BEC10.8030503@eurodev.net \
    --to=pablo@eurodev.net \
    --cc=dougsc@yahoo.com \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.