I am investigating how to capture some packets from a network device (In
order to send them to IMQ).
Looking at the kernel compilation options, I see it would be possible to
pick some packets and send them to a "netlink device".
What I don't know is how to use this netlink device, and what is it
exactly, because the doc say it is going to disappear, and that we must
use "netlink sockets"
Help?
Here some interesting info:
using CONFIG_IP_NF_QUEUE in the 2.4 Kernel:
CONFIG_IP_NF_QUEUE:
Netfilter has the ability to queue packets to user space: the
netlink device can be used to access them using this driver.
If you want to compile it as a module, say M here and read
Documentation/modules.txt. If unsure, say `N'.
net/ipv4/netfilter/ip_queue.c :
/*
* This is a module which is used for queueing IPv4 packets and
* communicating with userspace via netlink.
*
* (C) 2000 James Morris, this code is GPL.
*
* 2000-03-27: Simplified code (thanks to Andi Kleen for clues).
* 2000-05-20: Fixed notifier problems (following Miguel Freitas' report).
* 2000-06-19: Fixed so nfmark is copied to metadata (reported by Sebastia=
n
* Zander).
* 2000-08-01: Added Nick Williams' MAC support.
*
man iptables:
TARGETS
A firewall rule specifies criteria for a packet, and a
target. If the packet does not match, the next rule in
the chain is the examined; if it does match, then the next
rule is specified by the value of the target, which can be
the name of a user-defined chain or one of the special
values ACCEPT, DROP, QUEUE, or RETURN.
ACCEPT means to let the packet through. DROP means to
drop the packet on the floor. QUEUE means to pass the
packet to userspace (if supported by the kernel).
--=20
__o
_ \<_
(_)/(_)
Saludos de Juli=E1n
EA4ACL
-.-
Foro Wireless Madrid
http://opennetworks.rg3.net
