Hi...
Hi,
I'm using ip_tables and ip_queue modules to trap the packets from IP stack
to a userspace VPN product, using nothing but standard kernel modules (and
my own VPN proxy app). The packets flowing into or out of the machine get
diverted to a userspace application (actually a VPN client), where src/dest
addresses are modified if needed, and then injected back into the local IP
stack.
Just trying to clear up some doubts:
1. Which chain(?) do you use ? pre routing? post routing?
2. How do you inject the packet back to the kernel?
My raw hypothese: there is a chance you put back the packet into
postrouting chain. The network stack realize it, but since it's already
queued for outer destination, it gave you the error message instead.
regards,
Mulyadi
--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ
