OD> I am trying to use netfilter QUEUE to process IP payload in
OD> user-space. So far I have successfully retrived the packet (payload),
OD> done with my processing but I don't know how to put it back (modified
OD> payload) back to original outbound packet.
OD> this is what I have tried:
OD> --------------
OD> len = nfq_get_payload(tb, &payload);
OD> if (len >>= 0 ) {
OD> new_len = process_payload(payload, *newPayload, len);
OD> //trying memcpy
OD> memcpy(payload, newPayload, len);
OD> pkt->ip->check = 0;
OD> free(newPayload);
OD> }
OD> return nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL);
OD> --------------
OD> I tried using memcpy() to copy new payload data to existing, but I
OD> think that is being done on user space only. or do I need to call
OD> some nfa_set.. function ?
OD> I will be glad if someone could point me to right direction.
OD> Thank you,
Cut from libnetfilter_queue.c
================================
int nfq_set_verdict(struct nfq_q_handle *qh, u_int32_t id,
u_int32_t verdict, u_int32_t data_len,
unsigned char *buf)
================================
You call this function in this way:
return nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL);
I think right function call:
===================
ret = nfq_set_verdict(qh, id, NF_ACCEPT, new_len, newPayload);
free(newPayload);
return ret;
===================
and my be without any memcpy()
Try this...
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
