On Tuesday 06 March 2007 at 16:39 +0100, Jack Bauer wrote:
> Hi,
>
> I'm a student in computer science and for my master thesis I have to
> handle packets in a userspace queue. Libipq works fine for me, except
> one information which is missing: the owner of a (transmitted) packet.

ipqueue is deprecated in favor of libnetfilter_queue and I'm quite sure that no new functionalities will be pushed to upstream. You may try to port this to libnetfilter_queue and send your patch to netfilter-devel.

> With the following two additional lines, the problem seems to be solved:
>
> in file
> include/linux/netfilter_ipv4/ip_queue.h
> in
> typedef struct ipq_packet_msg_t
> line 33 add:
>
> unsigned int uid; /* uid of packet owner*/
>
>
> in file
> net/ipv4/netfilter/ip_queue.c
> line 249 add:
>
> pmsg->uid = entry->skb->sk->sk_socket->file->f_uid;

I don't think this information will be available for non-local packets (what happens if you queue a packet in the FORWARD chain?). You need at least to protect the assignment.

> Initial tests have been successful and are showing the correct uid in
> ipq_packet_msg_t in userspace. Please tell me, what you think about
> this modification.
>
> Since I found some other people who are looking for the same
> information, I wonder if there is a possibility to include the uid
> field officially in the source of netfilter?!

Don't think so.

BR,
--
Eric Leblond <eric@xxxxxx>
INL
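Review bot: The line added to net/ipv4/netfilter/ip_queue.c follows entry->skb->sk->sk_socket->file->f_uid with no NULL checks, so any queued packet without a local socket attached (skb->sk is NULL for forwarded traffic) turns the assignment into a NULL pointer dereference in kernel context. Test sk, sk_socket and file in turn before reading f_uid, and store a defined "no owner" value in pmsg->uid when any of them is missing, chosen so that userspace can tell it apart from uid 0.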
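Review bot: The new member "unsigned int uid;" in ipq_packet_msg_t (include/linux/netfilter_ipv4/ip_queue.h) changes the layout of a structure that userspace reads directly, and the description gives only "line 33" rather than the member's position in the struct. State where the field goes relative to the existing members and how libipq programs built against the old header are expected to behave, since a size or offset change there breaks them silently. The comment should also say what value the field holds when the packet has no owner.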