Hello,
I'm a student at the University of Liege, currently developing a NAT64
(see RFC 6146) module for Netfilter.
I am using the icmp_send() function in my module to send icmp message in
case the packet represent an error (like, TTL exceeded or DEST_UNREACHABLE).
But it seems to be broken for me, the dst of the original packet doesn't
seem to be set.
I'm using 2.6.32-5 kernel to developp, but the function itself didn't
seem to have been updated in the 2.6.38 kernel.
The modification I had to apply is to re-execute the routing process on
the incoming paquet in order to get the ICMP packet sent:
if (!rt)
{
memset(&fl, 0, sizeof(fl));
fl.fl4_dst = oldip->daddr;
fl.fl4_tos = RT_TOS(oldip->tos);
fl.proto = skb_in->protocol;
if (ip_route_output_key(&init_net, &temp, &fl))
goto out;
if (!temp)
{
pr_info("NAT64: rt null\n");
goto out;
}
rt = temp;
}
instead of the simple
if (!rt)
// goto out;
Is there an other reason why the rtable of the incoming packet was not set?
Regards,
Pierre
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
