Hi -

Igor 'Lo' (И.L.) <bombsiteunrested@xxxxxxxxx> writes:

> What I look for is reimplementing a part of NFQUEUE functionality at
> the stage where TCP packet is formed before sending to network.

I don't know what I'm talking about, but... :
Are you sure NFQUEUE gets involved in outgoing tcp fragmentation?

> It seems that NFQUEUE can't just handle expanded (> MTU) packet, and
> also want to have control over SEQ/ACK numbers assigned to
> both packets and connection structures.

It'd be the TCP layer's job to fragment outgoing packets, considering
the appropriate MSS. conntrack defragments, as far as I can see,
nfqueue doesn't deal with the issue at all.

> [...] Can anyone point me to correct place in kernel sources to
> see/attach with SystemTap and track how SEQs are generated and how
> outgoing packets are planned to be fragmented or even dropped?
> Deliberately want a good tour. [...]

For plain ipv4, for recent systemtap versions:

    probe kernel.function("secure_tcp_sequence_number").return {
        printf ("%s -> %d\n", @entry($$parms), $return)
    }

    [...]
    saddr=0x100007f daddr=0x100007f sport=0xcee1 dport=0x3815 -> 1787682413
    saddr=0x100007f daddr=0x100007f sport=0x3815 dport=0xcee1 -> 1793064379
    saddr=0x100007f daddr=0x100007f sport=0x75c9 dport=0xf03 -> 1934845113
    saddr=0x100007f daddr=0x100007f sport=0xf03 dport=0x75c9 -> 1938803971
    [...]

    probe kernel.function("tcp_fragment") {
        println($$parms, " ",
                @cast(&$skb->cb[0], "tcp_skb_cb")->seq, " ",
                @cast(&$skb->cb[0], "tcp_skb_cb")->end_seq)
    }

    sk=0xffff8805215d4880 skb=0xffff8805125fac00 len=0x500 mss_now=0x5a8 1280 3015968150 3016000006
    [...]

- FChE
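Added example, not part of the original message: a small decoder for the probe output quoted above, turning the raw `saddr`/`sport` fields into readable endpoints and working out the two sequence ranges that `tcp_fragment` produces when it splits an skb at `len`. It assumes the trace was taken on a little-endian host (the loopback address printing as `0x100007f` suggests so); the function names are hypothetical.

```python
import ipaddress
import re
import struct

# Probe output copied from the message above.
ISN_LINES = [
    "saddr=0x100007f daddr=0x100007f sport=0xcee1 dport=0x3815 -> 1787682413",
    "saddr=0x100007f daddr=0x100007f sport=0x3815 dport=0xcee1 -> 1793064379",
]
FRAG_LINE = ("sk=0xffff8805215d4880 skb=0xffff8805125fac00 len=0x500 "
             "mss_now=0x5a8 1280 3015968150 3016000006")

def fields(line):
    """Collect the name=0x... pairs that $$parms prints."""
    return {k: int(v, 16) for k, v in re.findall(r"(\w+)=(0x[0-9a-fA-F]+)", line)}

def wire(value, fmt):
    """Recover the network-order value of a __be16 ('H') or __be32 ('I')
    that was printed as a host integer. Assumption: little-endian host."""
    return struct.unpack(">" + fmt, struct.pack("<" + fmt, value))[0]

def decode_isn(line):
    """One secure_tcp_sequence_number line -> (src, sport, dst, dport, isn)."""
    kv = fields(line)
    isn = int(line.rsplit("->", 1)[1]) & 0xFFFFFFFF  # 32-bit sequence space
    return (str(ipaddress.IPv4Address(wire(kv["saddr"], "I"))),
            wire(kv["sport"], "H"),
            str(ipaddress.IPv4Address(wire(kv["daddr"], "I"))),
            wire(kv["dport"], "H"),
            isn)

def decode_fragment(line):
    """One tcp_fragment line -> split point, MSS and resulting seq ranges.
    tcp_fragment keeps the first `len` bytes in the original skb and moves
    the remainder to a new one, so the boundary is seq + len."""
    kv = fields(line)
    seq, end_seq = (int(x) for x in line.split()[-2:])
    payload = (end_seq - seq) % 2**32      # sequence numbers wrap at 2^32
    boundary = (seq + kv["len"]) % 2**32
    return {"split_at": kv["len"], "mss": kv["mss_now"], "payload": payload,
            "mss_segments": -(-payload // kv["mss_now"]),  # ceiling division
            "first": (seq, boundary), "second": (boundary, end_seq)}

if __name__ == "__main__":
    for l in ISN_LINES:
        print(decode_isn(l))
    print(decode_fragment(FRAG_LINE))
```

Decoded this way, the first two lines are the two directions of one loopback connection, and the fragmented skb carries a whole number of MSS-sized segments.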