Hi, I am writing a hook function using netfilter on 2.6.23 kernel to capture packets generated by any application and insert strict source route options to the IP header of the packets. When I have my own client application, I am able to set the strict source route in the IP header of the packet using setsockopt function (for instance, setsockopt(sock, IPPROTO_IP, IP_OPTIONS, (char *)srp, srlen), where srp is an unsigned char* with the ip option for setting source route and srlen is the length of the option. Once the options have been set, I am able to read them using the netfilter hook NF_IP_LOCAL_OUT. Now, I want to set the same option using netfilter hook NF_IP_LOCAL_OUT and want to eliminate the usage of setsockopt(). Using the following code, I am able to populate a new ip_options data structure with the required source route information. struct ip_options *opt = kzalloc(sizeof(struct ip_options) + ((srlen + 3) & ~3), GFP_KERNEL); memcpy(opt->__data, srp, srlen); But, I am not sure how to add this new ip_options to the captured packet since I need to append the ip_options structure to the ip header of the packet. Also, I am not sure how to specify the new packet length, if I need to recompute the checksum, etc. Could anyone please give me some pointers as to how this can be done ? Thank you, Ashwini - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
