Hi, I am not a Netfilter GURU. Let Me know if my code tracing for netfilter is on right Path. Kernel Version 2.6.34. # I have divided the netfilter activities happening in kernel in two parts 1) On one side the Custom firewall kernel module written by a user registers the nf_hook_ops using nf_register_hook by filling all the needed parameters for nf_hook_ops. For PRE_ROUTING HOOK 2) On Other side NF_HOOK is called from ip_rcv which is NF_INET_PRE_ROUTING HOOK which goes and checks if there is any instance of netfilter_ops structure is registered with the HOOK or not. int ip_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt, struct net_device *orig_dev) NF_HOOK(PF_INET, NF_INET_PRE_ROUTING, skb, dev, NULL,ip_rcv_finish) NF_HOOK_THRESH(pf, hook, skb, in, out, okfn, INT_MIN) nf_hook_thresh(pf, hook, skb, in, out, okfn, thresh) nf_hook_slow(pf, hook, skb, indev, outdev, okfn, thresh) nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh) verdict = elem->hook(hook, skb, indev, outdev, okfn); MY QUESTIONS QUES 1 --> What is this nf_hook_slow function why is it called so ? QUES 2 --> How does the registration of custom hook process takes place exactly and how does packet know if there is any rule registered for it or not in the kernel code ? Thanks In Advance. Ninad. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
