From: Aleksandar Milivojevic <amilivojevic@pbl.ca>
To: Netfilter Mailing List <netfilter@lists.netfilter.org>
Subject: Re: promiscuous mode w/ hook
Date: Fri, 22 Oct 2004 09:44:54 -0500
Message-ID: <41791CE6.1000400@pbl.ca>
In-Reply-To: <20041022141152.GF21006@metastasis.org.uk>

Nick Drage wrote:
> I *think* you're missing what Richard is trying to do. I'm presuming
> that all packets picked up by the ethernet interface in promiscuous
> mode, so irrespective of whether they're meant for the host or not,
> should be sent to the prerouting table.
>
> I would be surprised if this can be done without a great deal of hacking
> around... but most interesting of all, why do you want to do this
> Richard?

Yup, that would make sense. I too don't see any simple way to do
it. Maybe by creating a virtual interface (such as tun or tap, depending
on Richard's needs) and feeding the packet into it from userspace.
The packet would go through all Netfilter chains, and the kernel would do
the routing. Both the Netfilter and routing parts of the kernel will see this
packet as coming from the tun/tap device (not from the original physical
network device). It is quite possible that the packet will be routed
back onto the physical interface it was received from (creating a loop
and causing havoc on the network, unless the userspace application and
Netfilter rules are very carefully crafted to prevent this). One way of
avoiding this would be to use firewall marks, so that such packets can
be identified later on by remaining chains and routing parts of the
kernel. However, still, a single typo could bring Richard's network down.
--
Aleksandar Milivojevic <amilivojevic@pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
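
The firewall-mark loop guard suggested in the message above, as an added example that is not part of the original e-mail or of any Netfilter project code. The function names, the interface names (eth0, tun0) and the mark value are assumptions; the script only prints the commands so they can be reviewed before being run as root, and it rejects the "single typo" cases where the guard would match the wrong traffic.

```shell
#!/bin/sh
# Added example: emit (do not run) the rules that tag packets injected through
# a tun device and keep them from being forwarded back out the physical
# interface they were captured on. All names and values are assumptions.

# Reject arguments that would make the guard useless or hit normal traffic.
check_args() {
    phys=$1; tun=$2; mark=$3
    [ -n "$phys" ] && [ -n "$tun" ] && [ -n "$mark" ] || {
        echo "usage: emit_loop_guard PHYS_IF TUN_IF 0xMARK" >&2; return 2; }
    # Typo case: the same name twice would mark and drop live traffic.
    [ "$phys" != "$tun" ] || {
        echo "tun and physical interface must differ" >&2; return 1; }
    # Accept only a hex mark such as 0x1.
    case $mark in
        0x|0x*[!0-9a-fA-F]*) echo "mark must be hex, e.g. 0x1" >&2; return 1 ;;
        0x*) ;;
        *) echo "mark must be hex, e.g. 0x1" >&2; return 1 ;;
    esac
    # Mark 0 is what every unmarked packet carries, so it identifies nothing.
    [ "$(($mark))" -ne 0 ] || { echo "mark must be non-zero" >&2; return 1; }
}

emit_loop_guard() {
    check_args "$@" || return $?
    phys=$1; tun=$2; mark=$3
    cat <<EOF
ip tuntap add dev $tun mode tun
ip link set dev $tun up
iptables -t mangle -A PREROUTING -i $tun -j MARK --set-mark $mark
iptables -A FORWARD -m mark --mark $mark -o $phys -j DROP
EOF
}

# Example (review the output first): emit_loop_guard eth0 tun0 0x1
```

The mangle rule tags everything that enters through the tun device, and the FORWARD rule drops tagged packets whose route points back at the capture interface, which is the loop the message warns about.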

Thread overview: 4+ messages
2004-10-21 21:14 promiscuous mode w/ hook Richard Gopaul
2004-10-22 13:55 ` Aleksandar Milivojevic
2004-10-22 14:11 ` Nick Drage
2004-10-22 14:44 ` Aleksandar Milivojevic [this message]