2011/1/12 Amos Jeffries <squid3@xxxxxxxxxxxxx>: > > On 12/01/11 04:26, Roc Bai wrote: >> 2011/1/11 Jan Engelhardt<jengelh@xxxxxxxxxx>: >>> >>> On Tuesday 2011-01-11 04:22, Roc Bai wrote: >>>>>> Dear all: >>>>>> in my service, there are four net card. eth0, eth1, eth2, eth3. >>>>>> I >>>>>> want to forward the data in from eth0 to eth1, eth2, eth3 with >>>>>> different application protocol. Does some body send me some ideas on >>>>>> it? >>>>> >>>>> If you want to re-route packages, that has to happen in pre-routing. >>>>> If you want to use DNAT for examples, just add a rule to the >>>>> PREROUTING chain in the nat table. >>>> >>>> I think the DNAT should change the package data, including the IP or >>>> higher level protocol header, isn't it? >>> >>> That is the point of NAT. NAT is _not_ routing/forwarding (dammit). >>> And it's "packet", not "package". >>> >>>> I think the best idea which can redirect the package is to add/change >>>> the route rule to do it. I have write some source codes which doesn't >>>> work. >>> >>> That's redundant (and as you can see, error prone). Just use >>> the iproute utilities to define extra rules and routes, which >>> are known to work. >>> >>>> ncf_get_entry() can generate a dst_entry whose dev point to the eth2 >>>> net_device structure. But when i use tcpdum -i eth2. I cannot get the >>>> package from eth0. So it doesn't work. >>> >>> I don't expect it to. You are using a global variable, which is not >>> SMP-safe without a lock. >>> You might find Paul McKenny's Parallel Programming Book helping. >> Jan, thanks your comments. >> I want to make the packet ( I think it's right now:) ) redirected to >> an anticipant port, so I haven't consider the concurrent problem now. >> >> In the requirement, redirect the packet with protocal is the first >> step, and in the second step, the system should redirect the packet >> with application packet content, such as GET in HTTP. >> >> eth0 ---------- if (GET in SKB), redirect to ----------> eth2 >> >> So i think i have to write my module to redirect the packet now, and >> then i can change little in the future. That's the key why i thouldn't >> to use the exist nat/diverter tool. >> >> Maybe i want to know how to set the SKB in the >> ip_route_input_common() routine. Then the SKB can be send out from >> eth2 port. So >> whether my plan is right, to create a dst-entry and add it to >> skb->_skb_refdst? and Whether the dst_entry optiosn values are >> corrent? >> > > This discussion is showing signs of being an XYZ problem. > http://www.perlmonks.org/index.pl?node_id=542341 > > Roc Bai, are you attempting to do this redirection for *any* protocol? or > just for some specific ones related to a not mentioned task? Any protocol, such as packets in from eth0 ----> Http to eth1 -----> Ftp to eth2 -----> RTSP to eth3 Note, I thould check the content (But not the app port, such as 80 for http, as it doesn't work all the time) which the packet use which kinds of protocol, then i redirect it. > > > AYJ > -- ------------------------ Thinking before action, but you are wasting time if you don't do action. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html