Hi. Check the outgoing traffic with tcpdump on machine A, and check the offloads on machine B. 2016-08-29 19:12 GMT+03:00 Pierre-Antoine BRAMERET <pa.brameret@xxxxxxxxx>: > Hi, > > > I recently discovered netfilter_queue, and have a question about > changing the packet size before accepting it. What happens when the > accepted packet is now too large and would require splitting? > > I have tested the following situation. Computer A filters outgoing UDP > packets toward a given port and multiple by 10 their payload before > accepting them. An app sends a packet from A to computer B, which is > reachable through a LAN. The MTU of the corresponding ethernet devices > is 1500. I sent a packet with an initial payload of 200 bytes, which > is correctly multiplied by 10 by my filter callback, and gives a > single IP packet of more than 2000 bytes. On computer B, I see through > tcpdump that a single packet arrives, with an erroneous IP header > (total length is 1500, packet is marked as fragmented), but a correct > UDP header (length is 2008 bytes). The 2000 bytes of UDP payload are > correctly received by the socket on computer B. How would that happen? > > I have seen the discussion about what may happen to a packet that is > larger (http://marc.info/?l=netfilter&m=133494380818412), is this the > case here? > > > Many thanks, > -- > BRAMERET Pierre-Antoine > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Anton. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
