* Generating pseudo-packets with netfilter
@ 2006-12-19 13:50 Dai MIKURUBE
2006-12-19 14:27 ` Dai MIKURUBE
0 siblings, 1 reply; 2+ messages in thread
From: Dai MIKURUBE @ 2006-12-19 13:50 UTC (permalink / raw)
To: netfilter
Hi,
I'm a student at Tokyo Institute of Technology.
I'd like to do following operations, and I thought do them
with netfilter. But I don't know hot to do this actually.
Could you tell me...
- Can I do the following operations with netfilter?
- If I can, how to do them?
My purpose is to make the Linux Kernel believe that a packet
has come. (In fact, any packet has not arrived.)
I could do this without netfilter but with tunneling device as follows.
[Any UserProcess] - [Kernel] - <Tunnel> - [Intermediate Process] - <Physical eth0>
"Intermediate Process" usually passes any packet through,
and send a packet into "Kernel" via "Tunnel" if necessary.
Finally, I'd like to do this without tunneling device as follows.
[Any UserProcess] - [Kernel] - ((???)) - [Physical eth0]
At first, I thought that netfilter can act as ((???)) with
my Kernel Module. But netfilter seems to be not able to
generate packets out of nothing...
Can I do this with netfilter?
# If not, I'd like to know another way to do this... :-(
Thanks,
--
Dai MIKURUBE
dmikurube@acm.org
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: Generating pseudo-packets with netfilter
2006-12-19 13:50 Generating pseudo-packets with netfilter Dai MIKURUBE
@ 2006-12-19 14:27 ` Dai MIKURUBE
0 siblings, 0 replies; 2+ messages in thread
From: Dai MIKURUBE @ 2006-12-19 14:27 UTC (permalink / raw)
To: netfilter
Hi,
I make a supplementary explanation.
Finally, my purpose is to make "Pseudo 3-Way Handshake".
At first, a user process create a socket (with socket())
and make it TCP_LISTEN (with listen()).
Next, I'd like to make it's status CONNECTED without any
external computers for some reason. In order to do this,
it's necessary that the Linux Kernel believes a SYN packet
has come. So, of cource, to handle a SYN+ACK pakcet and to
reply an ACK packet are required.
If netfilter cannot generate packets out of nothing,
I think to take the following way:
1. My module call netif_receive_skb() directly to send a SYN packet.
2. Kernel replys a SYN+ACK packet,
and my module catches it with netfilter.
3. My module DROPs the packet,
and my module replys an ACK packet with netif_receive_skb().
But it seems to be a little hard. I'm happy if it can be done
with netfilter.
--
Dai MIKURUBE
dmikurube@acm.org
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-12-19 14:27 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-12-19 13:50 Generating pseudo-packets with netfilter Dai MIKURUBE
2006-12-19 14:27 ` Dai MIKURUBE
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox