On Fri, 22 Feb 2013 14:36:17 +0200, Adel Qodmani said: > My question is quite simple, I have an sk_buff that I want to transmit, the > sk_buff is an ICMP message and so far, I've built the headers and set up > everything. Others have given some details on "how". A better question is "why". Sending an ICMP message without the rest of the IP stack's knowledge is usually a bad idea, because it can cause the remote end's concept of network state to become desynchronized with the local concept. As a quick example, consider a spurious 'host/port unreachable' sent to the remote end - many IP stacks will use that info to abort a TCP 3-packet handshake. However, the rest of *your* end thinks the connection is still trying to establish. So what are you trying to accomplish by sending a forged ICMP packet from within the kernel? There may be better ways to approach it (for example, if you're trying to say "this port is closed", a better way is to use iptables with a '-j REJECT --reject-with xxxx', which will (a) do all the heavy lifting of sending the ICMP for you and (b) also prevent the packet from making it to the rest of the local IP stack...
Attachment:
pgpjJa7SEIjGQ.pgp
Description: PGP signature
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies