On Wednesday 2010-04-07 01:10, K-Gen wrote: >Hi there. >I'm trying to see TCP packets passing through a router using a >netfilter module (in order to eventually alter them). > >I have a hook on PREROUTING, and it doesn't quite work as expected. >The only packets I see, are the TCP handshake (3 packets). Any packets >in an established connection do not get to my hook. >The TCP connections in question all pass via NAT before reaching my >hook. I've thus given my hook the priority NF_IP_PRI_LAST. >I've tried setting nfcache to NFC_UNKNOWN for every TCP packet, and >this didn't help. > >The kernel version on the router is 2.6.8.1, the router itself is >based on a BCM board. I did not try to the same on another machine. The stable series did not exist before 2.6.11, so 2.6.8.1 did not exist. Assuming you meant 2.6.8, I'd say it's time to update. nfcache is long gone. >I'm obviously doing something wrong, so please tell my why is this happening. You need to post your code, because we don't have magic orbs (let alone that, if such existed, the law would probably prohibit their use for obvious reasons of unwanted privacy invasion). -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
