Re: Problem sending skb built from scratch with IPv6

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pierre Rondou <prondou@gmail.com>
To: Jan Engelhardt <jengelh@medozas.de>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: Problem sending skb built from scratch with IPv6
Date: Mon, 18 Apr 2011 17:05:20 +0200	[thread overview]
Message-ID: <4DAC5330.9060107@gmail.com> (raw)
In-Reply-To: <alpine.LNX.2.01.1103242207250.15489@obet.zrqbmnf.qr>

Long time since my previous mail, I've been looking on other issues.

The problem solved itself by upgrading to debian squeeze (I previously 
was on a testing version between Lenny and squeeze).

Thanks anyway :-)


Le 24/03/11 22:16, Jan Engelhardt a écrit :
> On Wednesday 2011-03-23 00:45, Pierre Rondou wrote:
>
>    
>> Hi all,
>>
>>
>> I'm a student at the University of Liege (Belgium) and for my master thesis, I
>> have to devellop a netfilter module implementing NatIvI and Nat64.
>>      
> Let me just make aware of preexisting software, such as Ecdysis nat64,
> because too often have I encountered students who just reimplemented
> everything and then felt like it was for nothing.
>
>    
>> The modules, as stated by the protocols, need to be able to send packet
>> with IP that doesn't belong to them (i.e, sort of spoofing). Everything
>> works fine for the newly created IPv4 skb (I can see the packets in
>> wireshark), you can see the source code at the end.
>>
>> But for Ipv6, the only think I see is neighbour solicitation messages
>> (ICMPv6) for both the source IP and the dest IP. There is one only case
>> when the program works: when the source IP of the packet is the same as
>> the interface's one.
>>      
> Of course a connected router will do NDISC if the address is directly
> reachable according to its routing table.
>
>
>    
>> The source code used for the new IPv4 packets (working 100%), it's copied from
>> the NAT64 module available in GPL:
>>      
> "The NAT64 module", but which?
>
>    
>>    skb_dst_set(newskb, dst);
>>    newskb->dev = dst->dev;
>>    skb_dst_set(newskb, dst);
>>      
> Why set dst twice?
>
>    
>> # route --inet
>> Table de routage IP du noyau
>> Destination     Passerelle      Genmask         Indic Metric Ref    Use Iface
>> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
>> default         192.168.1.1     0.0.0.0         UG    0      0        0 eth1
>>      
> For future reference, stick to iproute2.
>
>    
>> # route --inet6
>> Table de routage IPv6 du noyau
>> Destination                    Next Hop                   Flag Met Ref Use If
>> 2001:6a8:2d80:128::/64         ::                         U    256 0     1 eth1
>> fe80::/64                      ::                         U    256 0     0 eth1
>> ::/0                           2001:6a8:2d80:128::2       UG   1   0    35 eth1
>> ::/0                           ::                         !n   -1  1    61 lo
>> ::1/128                        ::                         Un   0   1    80 lo
>> 2001:6a8:2d80:128::/128        ::                         Un   0   1     0 lo
>> 2001:6a8:2d80:128::1/128       ::                         Un   0   1    20 lo
>> fe80::/128                     ::                         Un   0   1     0 lo
>> fe80::20e:a6ff:feb0:e1a2/128   ::                         Un   0   1    14 lo
>> ff00::/8                       ::                         U    256 0     0 eth1
>> ::/0                           ::                         !n   -1  1    61 lo
>>      

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

     prev parent reply	other threads:[~2011-04-18 15:05 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-03-22 23:45 Problem sending skb built from scratch with IPv6 Pierre Rondou
2011-03-24 21:16 ` Jan Engelhardt
2011-04-18 15:05   ` Pierre Rondou [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4DAC5330.9060107@gmail.com \
    --to=prondou@gmail.com \
    --cc=jengelh@medozas.de \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).