From: Ravi Kumar <ravivsn@rocsys.com>
To: "Srinivas G." <srinivasg@esntechnologies.co.in>
Cc: kung@uiuc.edu, netfilter-devel@lists.netfilter.org,
"Mukund JB." <mukundjb@esntechnologies.co.in>,
Henrik Nordstrom <hno@marasystems.com>,
Diego Woitasen <diegows@linux.org.ar>
Subject: Re: How can I get these packets in the user space application?
Date: Thu, 09 Dec 2004 19:04:01 +0530 [thread overview]
Message-ID: <41B85449.6080306@rocsys.com> (raw)
In-Reply-To: <4EE0CBA31942E547B99B3D4BFAB3481125897A@mail.esn.co.in>
Srinivas,
You can use libipq library to get packets in user space and can also
give verdicts. snort_inline uses this method to get packets to IDS
engine which works in user space.
Regards,
-Ravi
Srinivas G. wrote:
>>On Wed, 8 Dec 2004, Srinivas G. wrote:
>>
>>
>>>My question is: How can I get these packets in the user space
>>>application?
>>
>>Depends on what you want to do with the packet. If you intend to have
>
> them
>
>>returned back to the kernel then QUEUE is the best action.
>>
>>If you only want to have them sent to userspace then a more lean
>
> design
>
>>may be desireable.
>>
>>Regards
>>Henrik
>
>
> Dear Henrik,
>
> Actually I am new to network device drivers. Please spend some time to
> read this mail.
>
> Actually I need to send the packets to user space and then in the user
> space I need to do some calculations on the packet data and then I want
> to send the packet back to kernel space.
>
> According to Mr. Ravi Kumar from rocsys.com there is a performance issue
> in moving packets from kernel space to user space and then back to
> kernel space. Even though, I need to transmit the packets from kernel to
> user space and back to kernel space.
>
> I have gone through the documents that are available in the
> netfilter.org.
> Especially I read the netfilter-hacking-HOWTO-4.html document which
> explains about iptables, NAT and netfilter. I mainly concentrated on
> netfilter driver. My understanding is as follows.
>
> I send the sample code in the previous mail to you.
>
> I understood that queue the packet for user space handling. Finally we
> can issue 'nf_reinject' to send the packet into the network path again.
>
> I understood the some of the concepts about 'setsockopt' mechanism in
> the netfilter driver which is useful for processing the user space
> commands in the kernel.
>
> I understood the topics from the following link.
> http://www.netfilter.org/documentation/HOWTO//netfilter-hacking-HOWTO-4.
> html
>
> ---------
> My doubt is: How the user application can get the packet from the 'hook'
> function? What APIs are used in the user space application to access the
> packet from the hook function?
>
> Thanks and regards,
> Srinivas G
>
>
next prev parent reply other threads:[~2004-12-09 13:34 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-09 13:09 How can I get these packets in the user space application? Srinivas G.
2004-12-09 13:24 ` Maarten Wijnants
2004-12-09 13:34 ` Ravi Kumar [this message]
2004-12-09 16:59 ` Henrik Nordstrom
-- strict thread matches above, loose matches on Subject: below --
2004-12-08 14:01 Srinivas G.
2004-12-08 15:34 ` Henrik Nordstrom
2004-12-09 6:22 ` Ravi Kumar
2004-12-09 22:36 ` Henrik Nordstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41B85449.6080306@rocsys.com \
--to=ravivsn@rocsys.com \
--cc=diegows@linux.org.ar \
--cc=hno@marasystems.com \
--cc=kung@uiuc.edu \
--cc=mukundjb@esntechnologies.co.in \
--cc=netfilter-devel@lists.netfilter.org \
--cc=srinivasg@esntechnologies.co.in \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.