Marking packets is easy and already implemented in linux 2.2.x. With ipchains you can mark a packet with any criteria, for example:
ipchains -A input -m 0xff -p tcp --dport 80
Will mark inbound tcp packets destined to port 80 with the number 0xff.
If I understand correctly, you want to route those packets to a host via a IP tunnel. You can do this by creating a tunnel as a interface and routing all marked traffic to that interface with iproute2 (look in its documentation, I donīt remember how you route according to ipchains mark, but Iīm sure you can).
-----Mensaje original-----
De: bo li [SMTP:spfpaul@yahoo.com]
Enviado el: Domingo 7 de Enero de 2001 17:39
Para: linux-net@vger.kernel.org
Asunto: A processing unit of IP packet
hi, everyone!
Recently my boss gave me a project,the goal of the
project is to develop an additional part of the IP
stack, which will mark up IP packets according to
some criteria (destination address, application,
etc...) and will lead the marked up IP packets to
Elysean's interconnection network by way of a well
identified BGP router.You can encapsulate the packet
with IPIP,GRE or LSR. The destaddr,router addr and
mode(IPIP or GRE or LSR) is in the configuration file.
I know Linux has implemented the tunnel, with
ifconfig you can control it, but my boss ask me to
encapsulate the packet according to the port, I can't
handle it with ifconfig.
And I have a question: how do the packets flow over
the IP layer? Can I get and modify it in ipip tunnel?
I ever think about the firewall interface , can i
write a firewall module to get and modify and forward
the packet? Is there something i have to notice?
Hope to help me , i'm almost crazy!!!!
__________________________________________________
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
