On Wed, Apr 21, 2010 at 8:15 PM, Justin Yaple <yaplej@xxxxxxxxx> wrote:
> If I get it figured out I will let you know. Im kind of supprised
> that there isnt a function for this in libnetfilter_queue already. It
> seems like it would be a pretty common requirement to recalculate the
> tcp, and ip checksums. I have spent two days trying to get something
> to work without much luck.
>
> My understanding is that the one complement of each 16-bit word is
> summed, and then the result of that is bitwise complemented.
>
> So for each word we would do something like this.
> for each word{
> sum += ~word;
> }
>
> then you would take the bitwise complement of that total.
> sum = ~sum;
For TCP, it's a bit more complicated, as you need to construct an IP
pseudo header first, calculate the checksum for the pseudo header +
segment containing a zeroed checksum field, and then finally insert
the checksum into the TCP header [1]. You also have to pad the
segment into an even number of octets before doing the calculation,
but not include this padding in the transmitted segment [2]. You may
also need to recalculate the IP checksum, depending on what fields
you're modifying. The process is also slightly different for TCP over
IPv6.
I found a thread on this list from last year that contains some helper
functions extracted from tcpdump that may help you, titled "Re: Fwd:
Modifying TCP packets with libnetfilter_queue" [3].
If this works for you, perhaps a patch to include them in
libnetfilter_queue is in order.
[1] http://www.tcpipguide.com/free/t_TCPChecksumCalculationandtheTCPPseudoHeader-2.htm
[2] http://en.wikipedia.org/wiki/Transmission_Control_Protocol#TCP_checksum_for_IPv4
[3] http://markmail.org/message/auqvblfqenhy4hlz
HTH,
James
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
