On Sat, Apr 10, 2010 at 12:53 AM, Hamid Nassiby <h.nassiby@xxxxxxxxx> wrote: > Hello, > > I'm working on a project which wants to port a Windows-based network > protocol to Linux. The protocol works as a VPN/Firewall, on packets > copied from Data-Link Layer to user space. In MS Windows > WinpkFilter(C) does copying from kernel space (Data-Link layer) to > user space and then drops the original packet. In user space, our > protocol does some operation on packet ( e.g. checks the packet > authority and/or encrypts/decrypts it, ...) and then injects the > packet upward to application layer or downward or simply drops it. The injected > modified packet may not be as the same size of original one. > > So our requirements are: > > 1-Capture each packet which is coming inside or going outside the > computer in Data-link Layer. > 2-Create a copy of the packet and drop the original one. > 3-Copy of packet must be available in user space to be manipulated by > our protocol. > 4-After manipulation in user space, inject encrypted/decrypted version > of the privileged (copy of) packets to the network or upward to the > application layer. > Refer to: Documentation/networking/tuntap.txt -- Regards, Changli Gao(xiaosuo@xxxxxxxxx) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
