Looking for a Confirmation on my analysis.
Once after Capturing the Socket Buffer in PRE_ROUTING Hook; Manipulated the Socket Buffer by using the "skb_pull" Kernel Function. Using skb_pull; stripped 28 bytes (IP+UDP) which are the Part of outer UDP/IP Header. Now; My intention was to route the skb based on the Inner IP Header which is sitting after stripping 28 bytes. At the END; returned NF_ACCEPT.
Even though; skb_pull worked Fine., Kernel's Stack is still looking in to Outer Header only for Routing the Packet.I expected ;Kernel will look the Inner Header (As data Pointer was incremented by 28 bytes via skb_pull) and Take decision based on the Inner one. But; that didn't happened. It looks to me like; we need to always use NF_STOLEN & should write our own code to route based on the INNER HEADER. Was my conclusion correct ??
-Thanks in Advance,
VKS
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
