maximum number of packets NF_STOLEN by netfilter

Hi, I'm developing a kernel module using netfilter to enforce intentional
delay on every outgoing packet.

My algorithm is simple: if a packet's destination IP and TCP/UDP port
numbers are matched, my LOCAL_OUT hook module steals the packet and
returns NF_STOLEN, then keeps the sk_buff pointer for some delay
time and then releases the packet via ip_send().

I'm currently debugging the module in UDP sendto() function.

My problem is that the maximum number of packets that can be sustained
by my kernel module is only about 50. The strange thing is that
if the number of held packets reaches that number, the sendto()
function is blocked and no more packets come into the LOCAL_OUT hook.
Only when the number is decreased is the blocking released.

It is quite sure that the Linux UDP stack blocks the sendto() function.
Is there any limit on the number of allocated sk_buffs in the UDP stack?
If that kind of thing exists, how can I check it and how can I increase
the maximum number?

I'm using Linux kernel 2.4.17 with netfilter. Any comments will be
welcomed. Thanks in advance.

- Jay

