Re: Add IP_OPTIONS to IP header using netfilter

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tuesday 2008-01-08 06:58, Ashwini R wrote:
>
>struct ip_options *opt = kzalloc(sizeof(struct ip_options) + ((srlen +
>3) & ~3), GFP_KERNEL);
>memcpy(opt->__data, srp, srlen);
>
>But, I am not sure how to add this new ip_options to the captured
>packet since I need to append the ip_options structure to the ip
>header of the packet.

You basically have to rebuild the IP packet. How exactly you do it
(#1 or #2) is up to you.

#1. Create new packet of appropraite size, copy IP header,
put options in place, copy payload.
#2. Cloning packet, expanding packet size, moving payload forwards,
adding IP options in the appropriate place.

>Also, I am not sure how to specify the new packet length, if I need to
>recompute the checksum, etc.

I think skb_realloc_headroom is needed here...


/* GFP_KERNEL only allowed on LOCAL_OUT and POST_ROUTING */
nskb = skb_realloc_headroom(skb, size_of_your_option_data, 0, GFP_KERNEL);

void *oiph = ip_hdr(skb);
void *niph = skb_push(skb, size_of_your_option_data);
memmove(niph, oiph, sizeof(struct iphdr) + size_of_existing_options);

then fill in the space that just got vacant with your new options.
Afterwards recalculate checksum.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux