I've hunted around a bit but can't find the answer to my question,
even though it seems like it must be covered somewhere obvious -
apologies in advance if I've missed it.
Here's my situation: I wrote a simple netfilter target a couple of
years back, been running it on Redhat 3, 2.4 kernel successfully for
quite a while. I install it on the PREROUTING chain, and I mangle UDP
packets; modifiying the source and destination addresses. My code was
then setting the NFC_ALTERED bit in the nf_cache of the sk_buff so
that it would get re-processed by netfilter. Everything fine. Now I
simply want to update my code to run on Centos 5, kernel 2.6.18 and
iptables 1.4. Whoa, now I find my kernel module doesn't compile
because that data structure has changed. If I remove that line of
code, it compiles, but the packet forwarding does not work (and it
seems like I stop getting packets routed to my target at all once I
mangle the first one).
Can someone help me out? What is the new improved way of indicating
that I've changed a packet's header or body so that netfilter re-
examines it?
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
