All of lore.kernel.org
 help / color / mirror / Atom feed
* Registering for only Specific Packets from Net-Filter!!!!
@ 2011-11-16 10:50 Kesava Srinivas
  2011-11-17  6:33 ` Mulyadi Santosa
  0 siblings, 1 reply; 6+ messages in thread
From: Kesava Srinivas @ 2011-11-16 10:50 UTC (permalink / raw)
  To: kernelnewbies

HI Guys,

I'm a Newbie to Linux Kernel Development. Need some Clarification in
understanding Net-Filter Hooks.

Can I register only for the Necessary Packets [Ex: IPSEC etc...] from the
Net-Filters?? AFAIK ; Net-Filter Module send the Packets to the
Corresponding Module based on pre-defined HOOKS. Let us say; there are Many
Packets reaching that Hooks; and if I am Interested only in some Packets
from Net-Filter module; can I do that ???

Any Help is Really Appreciated !!

-Thnks,
VKS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20111116/c587f1ee/attachment.html 

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Registering for only Specific Packets from Net-Filter!!!!
  2011-11-16 10:50 Registering for only Specific Packets from Net-Filter!!!! Kesava Srinivas
@ 2011-11-17  6:33 ` Mulyadi Santosa
  2011-11-17  8:36   ` Abhijit Pawar
  0 siblings, 1 reply; 6+ messages in thread
From: Mulyadi Santosa @ 2011-11-17  6:33 UTC (permalink / raw)
  To: kernelnewbies

On Wed, Nov 16, 2011 at 17:50, Kesava Srinivas <vunnavafuture@gmail.com> wrote:
> HI Guys,
>
> I'm a Newbie to Linux Kernel Development. Need some Clarification in
> understanding Net-Filter Hooks.
>
> Can I register only for the Necessary Packets [Ex: IPSEC etc...] from the
> Net-Filters?? AFAIK ; Net-Filter Module send the Packets to the
> Corresponding Module based on pre-defined HOOKS. Let us say; there are Many
> Packets reaching that Hooks; and if I am Interested only in some Packets
> from Net-Filter module; can I do that ???

something like:
iptables [some rules] -j ULOG
?

Check "man iptables" and see if that suits your need. FYI ULOG target
uses netlink to deliver the packet to user space for further
processing.



-- 
regards,

Mulyadi Santosa
Freelance Linux trainer and consultant

blog: the-hydra.blogspot.com
training: mulyaditraining.blogspot.com

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Registering for only Specific Packets from Net-Filter!!!!
  2011-11-17  6:33 ` Mulyadi Santosa
@ 2011-11-17  8:36   ` Abhijit Pawar
  2011-11-17 17:10     ` shivanth
  2011-11-18  4:37     ` Kesava Srinivas
  0 siblings, 2 replies; 6+ messages in thread
From: Abhijit Pawar @ 2011-11-17  8:36 UTC (permalink / raw)
  To: kernelnewbies

On 11/17/2011 12:03 PM, Mulyadi Santosa wrote:
> On Wed, Nov 16, 2011 at 17:50, Kesava Srinivas<vunnavafuture@gmail.com>  wrote:
>> HI Guys,
>>
>> I'm a Newbie to Linux Kernel Development. Need some Clarification in
>> understanding Net-Filter Hooks.
>>
>> Can I register only for the Necessary Packets [Ex: IPSEC etc...] from the
>> Net-Filters?? AFAIK ; Net-Filter Module send the Packets to the
>> Corresponding Module based on pre-defined HOOKS. Let us say; there are Many
>> Packets reaching that Hooks; and if I am Interested only in some Packets
>> from Net-Filter module; can I do that ???
> something like:
> iptables [some rules] -j ULOG
> ?
>
> Check "man iptables" and see if that suits your need. FYI ULOG target
> uses netlink to deliver the packet to user space for further
> processing.
>
>
>
Hi Kesava Srinivas,
If this is for any application in user space, I would recommend you take 
a look at libPcap.

Regards,
Abhijit Pawar

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Registering for only Specific Packets from Net-Filter!!!!
  2011-11-17  8:36   ` Abhijit Pawar
@ 2011-11-17 17:10     ` shivanth
  2011-11-18  4:37     ` Kesava Srinivas
  1 sibling, 0 replies; 6+ messages in thread
From: shivanth @ 2011-11-17 17:10 UTC (permalink / raw)
  To: kernelnewbies

On 11/17/2011 2:06 PM, Abhijit Pawar wrote:
> On 11/17/2011 12:03 PM, Mulyadi Santosa wrote:
>> On Wed, Nov 16, 2011 at 17:50, Kesava Srinivas<vunnavafuture@gmail.com>  wrote:
>>> HI Guys,
>>>
>>> I'm a Newbie to Linux Kernel Development. Need some Clarification in
>>> understanding Net-Filter Hooks.
>>>
>>> Can I register only for the Necessary Packets [Ex: IPSEC etc...] from the
>>> Net-Filters?? AFAIK ; Net-Filter Module send the Packets to the
>>> Corresponding Module based on pre-defined HOOKS. Let us say; there are Many
>>> Packets reaching that Hooks; and if I am Interested only in some Packets
>>> from Net-Filter module; can I do that ???
>> something like:
>> iptables [some rules] -j ULOG
>> ?
>>
>> Check "man iptables" and see if that suits your need. FYI ULOG target
>> uses netlink to deliver the packet to user space for further
>> processing.
>>
>>
>>
> Hi Kesava Srinivas,
> If this is for any application in user space, I would recommend you take 
> a look at libPcap.
>
> Regards,
> Abhijit Pawar
Why don't you check for the  type of the received packet ( taken from
the queue) in your hook function and process it if matches your
requirement else just return NF_ACCEPT  so that it is processed by other
hooks.
Regards
Shivanth
> _______________________________________________
> Kernelnewbies mailing list
> Kernelnewbies at kernelnewbies.org
> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Registering for only Specific Packets from Net-Filter!!!!
  2011-11-17  8:36   ` Abhijit Pawar
  2011-11-17 17:10     ` shivanth
@ 2011-11-18  4:37     ` Kesava Srinivas
  2011-11-18 13:44       ` Mulyadi Santosa
  1 sibling, 1 reply; 6+ messages in thread
From: Kesava Srinivas @ 2011-11-18  4:37 UTC (permalink / raw)
  To: kernelnewbies

Thanks Mulyadi Santosa & Abhijit Pawar.

My Target is not bring the Pkts to User Space which is costly. Trying to do
that by using LKM. Seems to be; it is possible through skbuffers whose
structure have the provision to identify the Protocol.

-Thnx,
VKS


On Thu, Nov 17, 2011 at 12:36 AM, Abhijit Pawar <apawar.linux@gmail.com>wrote:

> On 11/17/2011 12:03 PM, Mulyadi Santosa wrote:
>
>> On Wed, Nov 16, 2011 at 17:50, Kesava Srinivas<vunnavafuture at gmail.**com<vunnavafuture@gmail.com>>
>>  wrote:
>>
>>> HI Guys,
>>>
>>> I'm a Newbie to Linux Kernel Development. Need some Clarification in
>>> understanding Net-Filter Hooks.
>>>
>>> Can I register only for the Necessary Packets [Ex: IPSEC etc...] from the
>>> Net-Filters?? AFAIK ; Net-Filter Module send the Packets to the
>>> Corresponding Module based on pre-defined HOOKS. Let us say; there are
>>> Many
>>> Packets reaching that Hooks; and if I am Interested only in some Packets
>>> from Net-Filter module; can I do that ???
>>>
>> something like:
>> iptables [some rules] -j ULOG
>> ?
>>
>> Check "man iptables" and see if that suits your need. FYI ULOG target
>> uses netlink to deliver the packet to user space for further
>> processing.
>>
>>
>>
>>  Hi Kesava Srinivas,
> If this is for any application in user space, I would recommend you take a
> look at libPcap.
>
> Regards,
> Abhijit Pawar
>



-- 
-VKS
Masters,Computer Science&Engineering.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20111117/1641366c/attachment.html 

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Registering for only Specific Packets from Net-Filter!!!!
  2011-11-18  4:37     ` Kesava Srinivas
@ 2011-11-18 13:44       ` Mulyadi Santosa
  0 siblings, 0 replies; 6+ messages in thread
From: Mulyadi Santosa @ 2011-11-18 13:44 UTC (permalink / raw)
  To: kernelnewbies

Hi :)

On Fri, Nov 18, 2011 at 11:37, Kesava Srinivas <vunnavafuture@gmail.com> wrote:
> Thanks Mulyadi Santosa & Abhijit Pawar.
>
> My Target is not bring the Pkts to User Space which is costly. Trying to do
> that by using LKM. Seems to be; it is possible through skbuffers whose
> structure have the provision to identify the Protocol.

I see...well then, maybe this Phrack's article could help you:
http://www.phrack.org/issues.html?issue=61&id=13

have fun :)


-- 
regards,

Mulyadi Santosa
Freelance Linux trainer and consultant

blog: the-hydra.blogspot.com
training: mulyaditraining.blogspot.com

^ permalink raw reply	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2011-11-18 13:44 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-11-16 10:50 Registering for only Specific Packets from Net-Filter!!!! Kesava Srinivas
2011-11-17  6:33 ` Mulyadi Santosa
2011-11-17  8:36   ` Abhijit Pawar
2011-11-17 17:10     ` shivanth
2011-11-18  4:37     ` Kesava Srinivas
2011-11-18 13:44       ` Mulyadi Santosa

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.