From: Patrick McHardy <kaber@trash.net>
To: KOVACS Krisztian <hidden@balabit.hu>
Cc: netfilter-devel <netfilter-devel@lists.netfilter.org>
Subject: Re: REDIRECT changes DST address of the packet
Date: Tue, 26 Jul 2005 11:51:18 +0200 [thread overview]
Message-ID: <42E60796.2060909@trash.net> (raw)
In-Reply-To: <1122370295.24626.10.camel@nienna.balabit>
KOVACS Krisztian wrote:
> Patrick, I'm afraid this is not enough for a full-featured UDP
> solution. If you're using a single socket to receive UDP packets sent to
> multiple original addresses this approach simply fails. A better
> solution would require receiving the original destination address in a
> per-packet manner.
You're right, it doesn't work for unconnected sockets. I'm looking into
other possibilities now. I'm thinking of something similar to
SIOCGSTAMP - altough this would require increasing the size of struct
sock.
> We're using something similar as part of the transparent proxying
> patchset, but unfortunately this requires enlarging the skb and is a
> little hackish. The patch introduces an IP_RECVORIGADDRS socket option.
> If you enable this sockopt on a UDP socket, then recvmsg() will return
> the original addresses as a control message.
Why does the skb need to be enlarged?
Regards
Patrick
next prev parent reply other threads:[~2005-07-26 9:51 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-30 7:27 REDIRECT changes DST address of the packet Venkata Narayana
2005-06-30 8:08 ` Krzysztof Oledzki
2005-06-30 10:11 ` Peter Surda
2005-07-02 4:15 ` Venkata Narayana
2005-06-30 11:09 ` Jan Engelhardt
2005-07-25 4:54 ` Venkata Narayana
2005-07-25 23:59 ` Patrick McHardy
2005-07-26 0:20 ` Patrick McHardy
2005-07-26 8:27 ` Venkata Narayana
2005-07-26 9:31 ` KOVACS Krisztian
2005-07-26 9:51 ` Patrick McHardy [this message]
2005-07-26 10:06 ` KOVACS Krisztian
2005-08-01 14:24 ` Venkata Narayana
2005-07-23 4:55 ` Rate limit Venkata Narayana
2005-07-23 7:17 ` Netfilter Hook Venkata Narayana
2005-07-23 11:14 ` Rate limit Jan Engelhardt
2005-07-25 5:55 ` UDP Transparent Proxy Venkata Narayana
-- strict thread matches above, loose matches on Subject: below --
2005-06-30 7:29 REDIRECT changes DST address of the packet Venkata Narayana
2005-06-30 7:46 ` George Alexandru Dragoi
2005-07-05 15:46 ` Jason Lunz
2005-06-30 7:07 Venkata Narayana
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42E60796.2060909@trash.net \
--to=kaber@trash.net \
--cc=hidden@balabit.hu \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.