Problems writing a costum target

[Wim Van de Meerssche <wim.vandemeerssche@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 847 bytes --]

Hi,

I'm having some trouble writing a new Netfilter target.
It's meant to make some changes to IPv6 packets (add a routing header).
However, I can't even get a simple change of IPv6 destination address to work.
Either the changes to the packet are ignored (if I use
skb_ip_make_writable), or the packet gets dropped somewhere (if I
don't use skb_ip_make_writable).

I've been testing with:
ip6tables -t mangle -A POSTROUTING -s somehost -j LOG
ip6tables -t mangle -A POSTROUTING -s somehost -j ADDRH  (see attached code)
ip6tables -t mangle -A POSTROUTING -s somehost -j LOG  (the dropped
packets mentioned above don't show up here)

I've also tried the PREROUTING hook.
The code I'm using is attached.
What am I doing wrong? (Is my poor experience with kernel programming to blame?)

Any help would be greatly appreciated.

Wim Van de Meerssche

[-- Attachment #2: ADDRHCode.c --]
[-- Type: application/octet-stream, Size: 860 bytes --]

/* This is the interesting part of the code. */
static unsigned int
ip6t_addrh_target(struct sk_buff **pskb, const struct net_device *in,
                const struct net_device *out, unsigned int hooknum,
                const void *targinfo, void *userinfo)
{
  struct ipv6hdr *iph;
  const struct ip6t_ADDRH_info *info = targinfo;
  /* info:     struct ip6t_ADDRH_info { struct in6_addr target; }; */

  iph = (*pskb)->nh.ipv6h;

  printk(...iph->daddr...); //prints packet info for debugging

  /* with the line below, the packet doesn't change. Without the line, it gets dropped. */
  //if (!skb_ip_make_writable(pskb, sizeof(struct ipv6hdr))) return NF_DROP;

  iph->daddr = info->target;

  (*pskb)->nfcache |= NFC_ALTERED; 

  printk(...iph->daddr...); //prints packet info for debugging (the change can always be seen here)

  return IP6T_CONTINUE;
}