Re: Problem sending skb built from scratch with IPv6

[Pierre Rondou <prondou@gmail.com>]

Long time since my previous mail, I've been looking on other issues.

The problem solved itself by upgrading to debian squeeze (I previously 
was on a testing version between Lenny and squeeze).

Thanks anyway :-)


Le 24/03/11 22:16, Jan Engelhardt a écrit :
> On Wednesday 2011-03-23 00:45, Pierre Rondou wrote:
>
>    
>> Hi all,
>>
>>
>> I'm a student at the University of Liege (Belgium) and for my master thesis, I
>> have to devellop a netfilter module implementing NatIvI and Nat64.
>>      
> Let me just make aware of preexisting software, such as Ecdysis nat64,
> because too often have I encountered students who just reimplemented
> everything and then felt like it was for nothing.
>
>    
>> The modules, as stated by the protocols, need to be able to send packet
>> with IP that doesn't belong to them (i.e, sort of spoofing). Everything
>> works fine for the newly created IPv4 skb (I can see the packets in
>> wireshark), you can see the source code at the end.
>>
>> But for Ipv6, the only think I see is neighbour solicitation messages
>> (ICMPv6) for both the source IP and the dest IP. There is one only case
>> when the program works: when the source IP of the packet is the same as
>> the interface's one.
>>      
> Of course a connected router will do NDISC if the address is directly
> reachable according to its routing table.
>
>
>    
>> The source code used for the new IPv4 packets (working 100%), it's copied from
>> the NAT64 module available in GPL:
>>      
> "The NAT64 module", but which?
>
>    
>>    skb_dst_set(newskb, dst);
>>    newskb->dev = dst->dev;
>>    skb_dst_set(newskb, dst);
>>      
> Why set dst twice?
>
>    
>> # route --inet
>> Table de routage IP du noyau
>> Destination     Passerelle      Genmask         Indic Metric Ref    Use Iface
>> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
>> default         192.168.1.1     0.0.0.0         UG    0      0        0 eth1
>>      
> For future reference, stick to iproute2.
>
>    
>> # route --inet6
>> Table de routage IPv6 du noyau
>> Destination                    Next Hop                   Flag Met Ref Use If
>> 2001:6a8:2d80:128::/64         ::                         U    256 0     1 eth1
>> fe80::/64                      ::                         U    256 0     0 eth1
>> ::/0                           2001:6a8:2d80:128::2       UG   1   0    35 eth1
>> ::/0                           ::                         !n   -1  1    61 lo
>> ::1/128                        ::                         Un   0   1    80 lo
>> 2001:6a8:2d80:128::/128        ::                         Un   0   1     0 lo
>> 2001:6a8:2d80:128::1/128       ::                         Un   0   1    20 lo
>> fe80::/128                     ::                         Un   0   1     0 lo
>> fe80::20e:a6ff:feb0:e1a2/128   ::                         Un   0   1    14 lo
>> ff00::/8                       ::                         U    256 0     0 eth1
>> ::/0                           ::                         !n   -1  1    61 lo
>>      

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html