Hello,
In my netfilter hook, I am creating a new broadcast packet and
dropping the actual unicast packet. I have tried NF_DROP and NF_STOLEN
to drop unicast packet. But Both times I can see the original packet
in wire shark along with the new broadcast packet. There are no TCP
dup acks from the receiver side before unicast packet is sent. Does
netfilter frame work informs TCP about the packet drop and because of
that TCP is sending the packet again ? Or else the original packet
itself is not dropped.
Following is the code line where I defined nf_hook_ops.
static struct nf_hook_ops trm_ops = {(struct list_head) {NULL, NULL},
(nf_hookfn *)trm_hook, (struct module*)THIS_MODULE, (uint8_t) PF_INET,
(unsigned int)NF_IP_POST_ROUTING, (int)NF_IP_PRI_LAST };
When I receive packet in my hook, the packet has TCP and IP headers.
Any help greatly appreciated.
Thanks
Rohin Sudini
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
