Hello, I developed some months ago a simple cryptography x_tables module to encrypt/decrypt packets when routing as an academic example for my students. It was a simple caesar cipher, but it worked very nice, and it was very fast too. Now I want to show them an example with a good cipher and that requires me to use a different nonce for each message (a message counter). The idea would be to have a counter that is incremented each time the target method is called, and append it to the encrypted message. My first question is where should I put the counter. A local variable should not work since its value would be lost for the next call, but a global variable might be problematic when many rules use the same target and I need a different counter for each rule. A very good point to have it would be in the struct xt_action_param (in the field tarinfo), but this parameter is declared constant, so I assume it is not possible to have a variable there to increment. My other question is if you know what other module can I use as reference that append data to the packet. I am afraid that at some point I might receive a skb without enough space to call an skb_put to put some extra data at the end. But I suppose there should be some modules that do similar things so I can work based on them. I would appreciate if you can give me some lights here. Thank you -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
