* Re: netfilter hook/tuple question
[not found] <AANLkTikanogevLAZ30XgK7oV4bijuTz5lZdkznWlisuC@mail.gmail.com>
@ 2010-07-12 2:53 ` Rusty Russell
0 siblings, 0 replies; only message in thread
From: Rusty Russell @ 2010-07-12 2:53 UTC (permalink / raw)
To: Huascar Tejeda; +Cc: netfilter-devel
On Fri, 9 Jul 2010 05:08:52 am Huascar Tejeda wrote:
> Hello Rusty Russell,
>
> I'm starting to learn about netfilter hooks programming and I have a small
> question. Is it possible to see the packets in my hook even if it already is
> in a tuple?
Hi Huascar,
Sorry for the delayed response. This question might have been better
directed at the netfilter-devel mailing list.
> My hook reads HTTP requests looking for QueryStrings. it's running in a
> linux gateway and I have these scenarios:
>
> - From a linux client: if I access google.com I can see the request for the
> first time, but since Linux re-uses source-port I don't see it again in my
> hook.
> - From a windows client: it works very well cause windows always use
> different source-port so it is handled as a new connection every time.
>
> Here is my code: http://codepad.org/T6SESSRg
AFAICT, this should work... It's pretty simple.
Rusty.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2010-07-12 2:53 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <AANLkTikanogevLAZ30XgK7oV4bijuTz5lZdkznWlisuC@mail.gmail.com>
2010-07-12 2:53 ` netfilter hook/tuple question Rusty Russell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).