How to get notified if packets are dropped because of checksum mismatch error

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Arif Hossain <freefall1986@gmail.com>
To: netfilter <netfilter@vger.kernel.org>,
	netfilter-devel <netfilter-devel@vger.kernel.org>
Subject: How to get notified if packets are dropped because of checksum mismatch error
Date: Fri, 16 Mar 2012 18:18:00 +0600	[thread overview]
Message-ID: <1331900280.4147.15.camel@arifLaptop> (raw)

[-- Attachment #1: Type: text/plain, Size: 1247 bytes --]

Hi all,

I have a netfilter_queue app which de-obfuscates a already obfuscated
udp packets. de-obfuscation process ends successfully but somehow packet
is not reaching to the udp daemon. i'm suspecting this is happening
because of a udp checksum mismatch. so i'm wondering how can i get logs
of packets which are dropped because of udp checksum mismatch?

I'm receiving the packets ok in my netfilter_queue app. and when i issue
set_nfq_verdict() it also returns a positive value. problem is packet is
not delivered to the udp daemon i'm expecting. i've straced my
netfilter_queue app. it shows that it issues a sendmsg() to the udp
socket which is listening for this. I've also straced my  udp daemon.
its stuck in poll() for receiving udp packet. but it does not return
from this poll meaning that something is wrong. packet is lost in
oblivion after set_nfq_verdict(). how can i debug it?

i've heard linux by default dropps a packet if it does not have correct
checksum if checksum is present, this behavior can be modified by
recompiling the kernel. using a custom kernel is not in our agenda.

my platform :
Linux <hostname> 2.6.32-220.7.1.el6.x86_64 #1 SMP Wed Mar 7 00:52:02 GMT
2012 x86_64 x86_64 x86_64 GNU/Linux

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

                 reply	other threads:[~2012-03-16 12:18 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1331900280.4147.15.camel@arifLaptop \
    --to=freefall1986@gmail.com \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).