Frank Abel wrote:
Hi all! You don't want "to alter the netfilter/iptables code", libipq can resolve your problem if you dont't want high speed or if you only need you mangle some packet. besides you can uses libipq to prototype the final implementation. Look up in this list messages which have in subject the word libipq. Other source of information is man libipq. In the web there is many examples of programs that alter the IP header.
Salute Frank Abel
Thanks Frank
I looked into the libipq user space queueing option, but unfortunately switching to user space is not feasble in my case (every single packet on a GBit ethernet needs to be stamped, and resource utilisation is a big issue). Some further reading of the netfilter FAQ has revealed that patch-o-matic based extensions seem to be the way that others have achieved things similar to my aims.
http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-4.html
Can anyone confirm that I'm heading in the right direction?
Thanks in advance...
Quinton
----- Original Message ----- From: "Quinton Hoole" <quinton@xxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Monday, May 16, 2005 5:22 AM
Subject: Mangling IP Options fields
Hi
This newbie needs to add and/or rewrite data in the IP Options fields. The MANGLE chain looks like the place to do this, but I don't see the appropriate target extensions to achieve it. It seems easy to mangle most other fields (DSCP, ECN, TOS, TTL etc) but no mention of the OPTIONS fields.
Is mangling of IP options fields supported by netfilter/iptables?
If not, I'm going to have to make it happen some how. Any pointers towards the recommended approach in this regard would be appreciated. I'm assuming that I'll have to alter the netfilter/iptables code appropriately, which is not a problem.
Thanks in advance...
Quinton
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
