Re: How to copy, modify and send the modified duplicate of an sk_buff

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wednesday, July 22, 2009 02:33:56 H M Thalib wrote:
> Loránd Jakab wrote:
> > Hello,
> >
> > I am working on implementing an experimental network protocol. I
> > have netfilter hook which changes the payload after the IP header
> > and the destination IP in packets with a certain protocol id. This
> > part works.
> >
> > For some packets, I need to generate an extra packet. To do this, I
> > copy the sk_buff, modify stuff on the copy and try sending it with
> > dev_queue_xmit(), then modify the original and return NF_ACCEPT.
> > The result is: the original get through (the one with NF_ACCEPT)
> > but the copy doesn't.
> >
> > Here's the code for copying and sending the copy:
> >
> > static void send_payload(struct sk_buff *skb, struct in_addr rloc)
> > {
> >     struct iphdr *ipheader;
> >     struct sk_buff *ccgen = skb_copy_expand(skb, 0, 0, GFP_ATOMIC);
> >     if (!ccgen)
> >         pr_debug("packet copy failed\n");
> >
> >     ipheader = ip_hdr(ccgen);
> >     ipheader->protocol = 0xfd;
> >     ip_send_check(ipheader);
> >
> >     /* Not sure if the next line is necessary */
> >     ccgen->csum = csum_partial(ccgen->data, ccgen->len, 0);
> >
> >     if (dev_queue_xmit(ccgen) < 0)
> >         pr_debug("failed to send payload\n");
> > }
> >
> > I use skb_copy_expand to create the copy. I use the expand version,
> > because after I get this to work, I will have to add more payload
> > to the packet. First step is to change the protocol number and put
> > the packet on the wire.
> >
> > What am I doing wrong? Why is the packet not sent?
> >
> > Thanks in advance!
> >
> > Regards,
> > Loránd Jakab
> >
> > --
> > To unsubscribe from this list: send an email with
> > "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
> > Please read the FAQ at http://kernelnewbies.org/FAQ
>
> Hi,
>
> I don't have knowledge in the network driver side. but I will try,
>
> - Check you have modified the iptables rules to let out all the
> packets, make sure it is not blocking any packets.
>
> - are you sure it is sending the packets to wire, then checkout the
> ifconfig and see the packet counts of TX is incremented also look at
> /proc/interrupts
>
> - If the packets are out and the opposite machine is not showing the
> packets  then probably run the tcpdump in sender and receiver to
> watch where the packet goes, this gives some clues where it gets
> dropped

Hi,

Thanks for the pointers. There are no iptables rules loaded, netfilter 
is only for grabbing and manipulating packets. It does show up on the 
wire, but as garbage. After a closer inspection, what happens is that it 
is trasmitted with the IP header as the MAC header, and on the wrong 
interface.

Regards,
Lori

--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ



[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux