From: "Shiva Raman Pandey" <shiva@sasken.com>
To: linux-kernel@vger.kernel.org
Subject: NetFilter: Problem in adding additional header using NetFilter
Date: Thu, 11 Oct 2001 20:52:42 +0530 [thread overview]
Message-ID: <9q4ddj$bo3$1@ncc-z.sasken.com> (raw)
Hello Friends,
My actual requirement is to insert my own header between Ethernet header and
IP header to all the packets generated at this machine and remove the same
from all the packets meant for this machine.
So Packets leaving from this machine will look like(assume my header is
BlueTooth header)
Ethernet header -- BT header --IPheader--TCP/UDP/ICMP header
I tried to using Netfilter to solve my purpose, but found that I cant get
the packet directly from ethernet. Even the very first hook PRE_ROUTING also
gives from IP layer only.
So if I add my BT header before IP header, IP layer will not accept the
packet when I will call 'set_verdict'.
So I changed my design :(, to do some dirty work like add the copy of IP
header before BT header again.
Now it will look like
IP header--BT header--IP header--TCP/UDP/ICMP header
and at the recieving end it will remove the IP header--BT header leaving the
remaining packet starting with IP header.
For example, say ping command, packet length = 84 bytes, IP header length =
20 bytes, ICMP header length = 8bytes and my BT header length = 5 bytes
so I made the new packet of length 20+5+20+(84-20) = 109 bytes and called
the function set_verdict, with data_len = 109, and this 109 bytes long
payload.
Now at the recieving machine I should get the 109 bytes long packet, but in
fact IP_QUEUE is giving the packet of 84 bytes only, that are in fact first
84 bytes of the 109 bytes long packet.
Note - I have not touched the checksum fields.
So, my questions are :
1) When I am sending 109 bytes, why I am getting only 84 bytes?
2) I tried changing the payload[3] (ie, packet length field) to 109, in that
case the packet never reaches the destination, why?
3) Is this problem due to checksum?
4) Is there any way using netfilter, I can get the packet from ethernet
directly, that will suit my actual design? or any other easy way?
5) How can I verify that the sending machine is actually sending 109 bytes(I
mean not reducing it to 84)?
Please send me your suggestions to find out the solution for this problem
Thanks alot.
Regards
Shiva Raman Pandey
Research Associate, Computer Science -R&D
Sasken Communication Technologies Limited
Bangalore, India
next reply other threads:[~2001-10-11 15:21 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-10-11 15:22 Shiva Raman Pandey [this message]
2001-10-11 15:53 ` NetFilter: Problem in adding additional header using NetFilter James Sutherland
2001-10-11 16:09 ` Sound on Vaio partially dies between 2.4.5 and 2.4.6 Greg Ingram
2001-10-11 16:48 ` unkillable process in R state? Christopher Friesen
2001-10-11 17:25 ` Ralf Baechle
2001-10-11 18:19 ` Christopher Friesen
2001-10-11 18:19 ` James Sutherland
2001-10-11 19:18 ` Christopher Friesen
2001-10-11 22:19 ` Alex Pennace
2001-10-11 22:57 ` James Sutherland
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='9q4ddj$bo3$1@ncc-z.sasken.com' \
--to=shiva@sasken.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox