From: Quinton Hoole <quinton@hoole.biz>
To: Frank Abel <frankabel@tesla.cujae.edu.cu>
Cc: netfilter@lists.netfilter.org
Subject: Re: Mangling IP Options fields
Date: Mon, 16 May 2005 15:18:15 +0200 [thread overview]
Message-ID: <42889D97.7000601@hoole.biz> (raw)
In-Reply-To: <002d01c55a30$2063f940$7b0e10ac@hegel>
[-- Attachment #1: Type: text/plain, Size: 1962 bytes --]
Frank Abel wrote:
>Hi all!
>You don't want "to alter the netfilter/iptables code", libipq can resolve
>your problem if you dont't want high speed or if you only need you mangle
>some packet. besides you can uses libipq to prototype the final
>implementation. Look up in this list messages which have in subject the word
>libipq. Other source of information is man libipq. In the web there is many
>examples of programs that alter the IP header.
>
>Salute
>Frank Abel
>
>
>
Thanks Frank
I looked into the libipq user space queueing option, but unfortunately
switching to user space is not feasble in my case (every single packet
on a GBit ethernet needs to be stamped, and resource utilisation is a
big issue). Some further reading of the netfilter FAQ has revealed that
patch-o-matic based extensions seem to be the way that others have
achieved things similar to my aims.
http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-4.html
Can anyone confirm that I'm heading in the right direction?
Thanks in advance...
Quinton
>----- Original Message -----
>From: "Quinton Hoole" <quinton@hoole.biz>
>To: <netfilter@lists.netfilter.org>
>Sent: Monday, May 16, 2005 5:22 AM
>Subject: Mangling IP Options fields
>
>
>
>
>>Hi
>>
>>This newbie needs to add and/or rewrite data in the IP Options fields.
>>The MANGLE chain looks like the place to do this, but I don't see the
>>appropriate target extensions to achieve it. It seems easy to mangle
>>most other fields (DSCP, ECN, TOS, TTL etc) but no mention of the
>>OPTIONS fields.
>>
>>Is mangling of IP options fields supported by netfilter/iptables?
>>
>>If not, I'm going to have to make it happen some how. Any pointers
>>towards the recommended approach in this regard would be appreciated.
>>I'm assuming that I'll have to alter the netfilter/iptables code
>>appropriately, which is not a problem.
>>
>>Thanks in advance...
>>
>>Quinton
>>
>>
>>
>
>
>
>
>
>
>
>
>
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/x-pkcs7-signature, Size: 3244 bytes --]
next prev parent reply other threads:[~2005-05-16 13:18 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-05-16 12:22 Mangling IP Options fields Quinton Hoole
2005-05-16 12:38 ` Tobias DiPasquale
2005-05-16 12:58 ` Quinton Hoole
2005-05-16 15:58 ` Frank Abel
2005-05-16 13:18 ` Quinton Hoole [this message]
2005-05-16 13:35 ` Tobias DiPasquale
2005-05-16 14:38 ` Quinton Hoole
-- strict thread matches above, loose matches on Subject: below --
2005-05-16 12:38 Quinton Hoole
2005-05-16 18:43 ` Jonas Berlin
2005-05-19 12:58 ` Quinton Hoole
2005-05-20 11:17 ` Amin Azez
2005-05-20 13:47 ` Quinton Hoole
2005-06-04 9:23 ` Jonas Berlin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42889D97.7000601@hoole.biz \
--to=quinton@hoole.biz \
--cc=frankabel@tesla.cujae.edu.cu \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.