Hi Amit thanks for ur prompt replies. firstly from ur replies it seems that 1: Whatever packets that i will construct using libnet or for that matter using ordinary bsd sockets would pass the relevant hooks in the netfilter based on the dest ip address i set. Is this true?? In this case i am constructing the packet completely on my own. Now what i want to do is steal(NF_STOLEN) packets at specific hooks (generally pre routing) within the netfilter and queue them to a user mode process. The User mode process does some processing and either sends the same packet or completely new and umpteen in number packets at the post routing hook in netfilter(from ur answer using libnet). >From ur answer it seems quite possible very easily. Correct me if i am wrong here. Also is there any advantage of using libnet over bsd sockets in terms of performance. Is there any other performance optmized way of sending and receiving packets from user to kernel mode?? Does netlink sockets way offer a more optimized way of doing it?? (Sorry for a flurry of questions!!) Now the second part is what if i want to move it all to kernel mode for performance reasons. This means steal packet at pre_routing and then queue them all to a kernel thread which was created using a kernel module. The kernel thread then does some processing on the packets and then sends either the captured packet or completely new packets out through the post routing hook. How can this be achieved?? regds Mayank -----Original Message----- From: aksingh@xxxxxxxxxxx [mailto:aksingh@xxxxxxxxxxx] Sent: Tuesday, June 29, 2004 11:21 AM To: Mayank Kumar Cc: netfilter@xxxxxxxxxxxxxxxxxxx Subject: RE: injecting new packets into the netfilter Hi, You want to insert packets within the kernel module thta has netfilter hooks ?, I dont thinkthat is a very good idea, as the packets u send using a libnet application wld be caught at the netfilter hooks, if the application resides on the same pc on which yr kernel module that has hook funcstions resides, then those packets will traverse, local_out, post routing, pre_routing, local_in etc based on their dest ip addresses, any packet coming from ethernet wld traverse pre_routing, then local_in or ip_forward and post_routing ..... Amit "Mayank Kumar" <mayank_kumar@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>@lists.netfilter.org on 06/29/2004 11:15:52 AM Sent by: netfilter-admin@xxxxxxxxxxxxxxxxxxx To: Amit Kumar Singh/HSS@HSS cc: <netfilter@xxxxxxxxxxxxxxxxxxx> Subject: RE: injecting new packets into the netfilter Hi Akash i know of this library. But i want to inject packets at precise hooks in the netfilter. for e.g. i want to inject packets whenever the need arises ,at the fwding hook or the post routing hook. Will the raw packets i send using the libnet get caught at hooks inserted using netfilter at various points. regds Mayank -----Original Message----- From: aksingh@xxxxxxxxxxx [mailto:aksingh@xxxxxxxxxxx] Sent: Tuesday, June 29, 2004 10:49 AM To: Mayank Kumar Cc: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: injecting new packets into the netfilter Hi, Try libnet for injecting new packets, you can use raw packets(u inject from userland), libnet provides you with a better interface, but you wld need root permission to use raw sockets. you can get libnet library from packetfactory.net HTH Amit "Mayank Kumar" <mayank_kumar@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>@lists.netfilter.org on 06/29/2004 10:17:16 AM Sent by: netfilter-admin@xxxxxxxxxxxxxxxxxxx To: <netfilter@xxxxxxxxxxxxxxxxxxx> cc: Subject: injecting new packets into the netfilter Hi all, I want to know how can we inject absolutely new packets at various hook points in netfilter. I have already seen some questions posted on this earlier too but no replies as such. I am very eager to know about this because using this we can construct some really cool stuff. Currently we are undergoing a project on this and it would be of greate help if somebody can find a solution to this. Thanks in advance for any help on this. regds Mayank