On Wednesday 2009-09-09 18:03, Balaji Venkatamohan wrote: > >1. How does the conntrack module code access the header fields of an IP >packet? Does the accessing of IP packets fall under the functions of >ip_conntrack module or ip_tables module? Neither; you do that with, for example, skb_header_pointer, a core network function. >2.I want to access the latest version of ip_tables, ip_conntrack and >ip_conntrack_ftp source code. I need to write a simple module on the lines >of ip_conntrack to allow a simple connection of my choosing. So I need to >know where to start coding. I will be grateful if I get some help in this >regard. nf_conntrack itself does not "allow" connections. It just tracks them. Additionally, the 'real work' is done by submodules such as nf_conntrack_ipv4, nf_conntrack_ipv6, nf_conntrack_proto_sctp, etc. >3. Is it possible to write our own ip_conntrack module and if yes can we >define our own state table? Who defines a state table and where is it >defined? I think you will be wanting nf_conntrack_proto_tcp.c. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
