Hi all, I have a netfilter_queue app which de-obfuscates a already obfuscated udp packets. de-obfuscation process ends successfully but somehow packet is not reaching to the udp daemon. i'm suspecting this is happening because of a udp checksum mismatch. so i'm wondering how can i get logs of packets which are dropped because of udp checksum mismatch? I'm receiving the packets ok in my netfilter_queue app. and when i issue set_nfq_verdict() it also returns a positive value. problem is packet is not delivered to the udp daemon i'm expecting. i've straced my netfilter_queue app. it shows that it issues a sendmsg() to the udp socket which is listening for this. I've also straced my udp daemon. its stuck in poll() for receiving udp packet. but it does not return from this poll meaning that something is wrong. packet is lost in oblivion after set_nfq_verdict(). how can i debug it? i've heard linux by default dropps a packet if it does not have correct checksum if checksum is present, this behavior can be modified by recompiling the kernel. using a custom kernel is not in our agenda. my platform : Linux <hostname> 2.6.32-220.7.1.el6.x86_64 #1 SMP Wed Mar 7 00:52:02 GMT 2012 x86_64 x86_64 x86_64 GNU/Linux
Attachment:
signature.asc
Description: This is a digitally signed message part
