Send Packets In Prerouting?

Hello, I'm writing a prerouting hook module that modifies packets and sends them back to the source without letting the higher layers know anything about it. Using tcpdump, I see that everything works fine except for the fact that the Ethernet header is written incorrectly by dev_queue_xmit. Before I call dev_queue_xmit, the Ethernet header is set to zero, but then it goes and writes in the same source/dest as were on it when the packet arrived, and it shouldn't because I manually change the IPs in my hook. I have no idea how MACs are chosen, even from close inspection of the code for dev_queue_xmit and friends. I thought it would inspect the packet's reversed IP addresses to see which MACs to put in before sending it off, but this isn't happening as I expect it to. Am I missing something here? Are there some fields I should set in the sk_buff to let dev_queue_xmit know that it needs to inspect the IP addresses in the packet before choosing/finding MAC addresses?

Here is an abbreviation of the offending code:

// The main hook function
static unsigned int myhook_in_func(unsigned int hooknum,
                                   struct sk_buff *skb,
                                   const struct net_device *in,
                                   const struct net_device *out,
                                   int (*okfn)(struct sk_buff *))
{
        /* ...... */
        /* MAKE MODIFICATIONS TO THE PACKET HERE INCLUDING CHANGING IP'S */
        /* ...... */

        // The ethernet header is zero at this point-- I checked.
        skb_push(skb, ETH_HLEN);

        // Set the packet type to outgoing-- didn't help.
        skb->pkt_type = PACKET_OUTGOING;

        // Send the packet on the wire; ARP resolution is done somewhere in here..
        dev_queue_xmit(skb);

        // NF_STOLEN because dev_queue_xmit consumes the skb
        return NF_STOLEN;
}

The hook is registered in NF_IP_PRE_ROUTING. 

Thanks in advance for your help!
--Nader Al-Naji

PS: Wasn't sure whether to post this in the netfilter user list (instead of development) but after reading their questions, it seems to me that this is really more of a development-oriented issue. Please let me know if these kinds of questions actually belong more in the user list.
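
Added example, not part of the original post and not kernel code: dev_queue_xmit() transmits whatever link-layer header is already in the skb and performs no neighbour lookup, so a hook that reflects a packet has to rewrite the Ethernet header itself. This userspace C program does that swap on a constructed frame (made-up MACs, documentation IP addresses; ip_csum, reflect_frame and build_sample are hypothetical names) and shows that the IPv4 header checksum stays valid when source and destination addresses are only exchanged.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ETH_ALEN 6u
#define ETH_HLEN 14u

/* IPv4 header checksum; yields 0 when run over a header whose checksum is valid. */
static uint16_t ip_csum(const uint8_t *p, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)((p[i] << 8) | p[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Swap MACs and IPv4 addresses in place; -1 if the frame is short or not IPv4. */
int reflect_frame(uint8_t *f, size_t len) {
    uint8_t mac[ETH_ALEN], ip[4], *iph = f + ETH_HLEN;
    if (len < ETH_HLEN + 20 || f[12] != 0x08 || f[13] != 0x00 || (iph[0] >> 4) != 4)
        return -1;
    memcpy(mac, f, ETH_ALEN);               /* dst MAC <-> src MAC */
    memcpy(f, f + ETH_ALEN, ETH_ALEN);
    memcpy(f + ETH_ALEN, mac, ETH_ALEN);
    memcpy(ip, iph + 12, 4);                /* saddr <-> daddr */
    memcpy(iph + 12, iph + 16, 4);
    memcpy(iph + 16, ip, 4);
    return 0;
}

/* Constructed sample frame: made-up MACs, RFC 5737 documentation addresses. */
size_t build_sample(uint8_t *f) {
    static const uint8_t hdr[ETH_HLEN + 20] = {
        0x02, 0, 0, 0, 0, 0x01,  0x02, 0, 0, 0, 0, 0x02,  0x08, 0x00,
        0x45, 0, 0, 20,  0, 0, 0, 0,  64, 17, 0, 0,   /* checksum field zeroed */
        192, 0, 2, 1,  198, 51, 100, 7 };             /* saddr, daddr */
    memcpy(f, hdr, sizeof hdr);
    uint16_t c = ip_csum(f + ETH_HLEN, 20);           /* fill in a valid checksum */
    f[ETH_HLEN + 10] = (uint8_t)(c >> 8);
    f[ETH_HLEN + 11] = (uint8_t)(c & 0xff);
    return sizeof hdr;
}

int main(void) {
    uint8_t f[ETH_HLEN + 20];
    int rc = reflect_frame(f, build_sample(f));
    printf("rc=%d dst=..:%02x csum_ok=%d\n", rc, f[5], ip_csum(f + ETH_HLEN, 20) == 0);
    return 0;
}
```

In a kernel hook the same two swaps would be applied to the Ethernet and IP headers of the skb before it is handed to dev_queue_xmit().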

