From mboxrd@z Thu Jan 1 00:00:00 1970 From: Justin Yaple Subject: Re: Recalculate checksums in netfilter queue Date: Thu, 22 Apr 2010 15:12:41 -0700 Message-ID: References: <20100422084313.jk0ntlfyss444g0o@webmail.dartmouth.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Cc: netfilter-devel To: Bruno Moreira Guedes Return-path: Received: from mail-gw0-f46.google.com ([74.125.83.46]:33521 "EHLO mail-gw0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752656Ab0DVWMm (ORCPT ); Thu, 22 Apr 2010 18:12:42 -0400 Received: by gwj19 with SMTP id 19so2331163gwj.19 for ; Thu, 22 Apr 2010 15:12:41 -0700 (PDT) In-Reply-To: Sender: netfilter-devel-owner@vger.kernel.org List-ID: > So, talking about the topic - implementing checksum functions on > netfilter_queue, it would be useful to nfq_set_verdict subcall a > function which check if the checksums(tcp, ip, udp, anything else) are > set to 0, and then(if it's 0) it change the ckecksum automatically - > something like the kernel does when we send a packet through a RAW > socket. > > --Bruno Moreira Guedes I think thats a great idea. If the functions were included in the library you could have nfq_set_verdict call them if any of the checksums are set to 0. This would give you the option of either calling the function yourself, or just setting the checksum to 0 then let the nfq_set_verdict call the functions to recalculate them. So maybe it could be implemented like the checksum functions used in the kernel where the base checksum function is the same, but takes parameters to determine what protocol the checksum is being calculated for. Then a wrapper function is made for each protocol type ip, tcp, udp... -Justin.