Hello I have a netfilter module on the mangle table PREROUTING... I want to validate unexpired routes in ipv4 headers, but I think the TCP/IP stack already does this... because it is mentioned on the rfc 1812 so I'm guessing it is already implemented by the kernel but somehow my module catches the packet first before the kernel does its magic... As I understand the picture I'm attaching represents the whole process the TCP/IP stack performs to handle the options in a IPv4 packet, but I still don't understand how netfilter works with the stack Do I have to process the packet's options in my module or what? Please, help Regards
Attachment:
Screenshot from 2012-11-07 15_50_47.png
Description: PNG image
