Use a netfilter LKM instead of going through the kernel source. Insert your hook at the appropriate place and capture the packets. You can also filter them if you want to. Export the data-structure between the kernel & the LKM so u can access them in both. -----Original Message----- From: kernelnewbies-bounce@xxxxxxxxxxxx [mailto:kernelnewbies-bounce@xxxxxxxxxxxx]On Behalf Of rajat swarup Sent: Tuesday, March 29, 2005 4:22 PM To: kernelnewbies@xxxxxxxxxxxx Subject: Raw network packets in kernel Hi, I am doing an academic project in which I need to capture the network packets off the wire. This capturing needs to be done in the kernel itself as the other component of this project works in the kernel and takes input from a data structure generated by this packet capturing module. I was looking through the kernel code and could not find specific places where something like a "raw packet" could be found. Should I capture the packets through the device driver module? Or Could someone advise me as to where in the kernel I should look to get access to the raw data packets? Thanks, Rajat Swarup. -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/ -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
