> -----Original Message----- > From: kernelnewbies-bounces+jharan=bytemobile.com@xxxxxxxxxxxxxxxxx > [mailto:kernelnewbies- > bounces+jharan=bytemobile.com@xxxxxxxxxxxxxxxxx] On Behalf Of Shawn > Sent: Monday, August 01, 2011 7:22 AM > To: kernelnewbies@xxxxxxxxxxxxxxxxx > Subject: [net] Hacking the wholism of GNU/Linux net* > > hi guys, > > I have written an article[1] for newbies who are willing to learn > networking stuff in linux kernel. I hope this introduction-level > article can help you understand the mechanism of netfilter and NIC > driver. > > For this article, any critical comments are welcomed! > > > [1] http://hfg- > resources.googlecode.com/files/hacking_the_wholism_of_linux_net.txt > I personally welcome all attempts to document this perplexing Linux kernel feature and applaud your attempt to do so. Couple of suggestions for improvement: "Your hook function's prototype is like below: typedef unsigned int nf_hookfn(unsigned int hooknum, struct sk_buff *skb, const struct net_device *in, const struct net_device *out, int (*okfn)(struct sk_buff *));" It would be nice if the document defined what the purpose of the okfn parameter that is passed to the above function is. What is it for and what does a hook function need to do with it? What do the "in" and "out" parameters point to and under which conditions are they valid? For instance, what is "out" going to point to during a PREROUTING hook? "The hook functions will return some values to tell Netfilter what to do then, when the hook functions are done. These values are displayed in the Table below: Table 3: Return code of hook function Return Code Meaning NF_DROP Discard the packet. NF_ACCEPT Keep the packet. NF_STOLEN Forget about the packet. NF_QUEUE Queue packet for userspace. NF_REPEAT Call this hook function again." Likewise, it would be nice if the document provided some more explanation of the above return codes. For instance, what's the difference between NF_DROP and NF_STOLEN and when should your hook function return one vs. the other? If you return NF_REPEAT, when does the hook function get called again for the given packet and under what kind of circumstances would you want to return NF_REPEAT? If you return NF_QUEUE, how is the NF queue number that the packet will get queued to determined? "Finally, I thank my beautiful wife for proofreading the article and helping me fix the grammar errors." Not to cast aspersions on your wife, but you might want to pass this document through a spelling checker. It contains numerous spelling errors. For example, the word "firstable" that begins section 2.4.1 does not exist in the English language. Thanks, Jeff Haran _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
