NetFilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Generating pseudo-packets with netfilter

from [Dai MIKURUBE] [Permanent Link][Original]
To: netfilter@lists.netfilter.org
Subject: Re: Generating pseudo-packets with netfilter
From: Dai MIKURUBE <dmikurube@acm.org>
Date: Tue, 19 Dec 2006 23:27:13 +0900
Delivered-to: sp-com-lists@consult.net
Delivered-to: netfilter-list1@securepoint.com
In-reply-to: <4587EE1F.8050203@acm.org>
List-archive: </pipermail/netfilter>
List-help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id: General discussion and user questions <netfilter.lists.netfilter.org>
List-post: <mailto:netfilter@lists.netfilter.org>
List-subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
References: <4587EE1F.8050203@acm.org>
Sender: netfilter-bounces@lists.netfilter.org
User-agent: Thunderbird 1.5.0.8 (Windows/20061025) 
Hi,

I make a supplementary explanation.


Finally, my purpose is to make "Pseudo 3-Way Handshake".

At first, a user process create a socket (with socket())
and make it TCP_LISTEN (with listen()).

Next, I'd like to make it's status CONNECTED without any
external computers for some reason. In order to do this,
it's necessary that the Linux Kernel believes a SYN packet
has come. So, of cource, to handle a SYN+ACK pakcet and to
reply an ACK packet are required.


If netfilter cannot generate packets out of nothing,
I think to take the following way:

1. My module call netif_receive_skb() directly to send a SYN packet.
2. Kernel replys a SYN+ACK packet,
    and my module catches it with netfilter.
3. My module DROPs the packet,
    and my module replys an ACK packet with netif_receive_skb().

But it seems to be a little hard. I'm happy if it can be done
with netfilter.

--
Dai MIKURUBE
   dmikurube@acm.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Generating pseudo-packets with netfilter, Dai MIKURUBE
Next by Date:  Filtering a web site returned from a Proxy, Tolga Onbay
Previous by Thread:  Generating pseudo-packets with netfilter, Dai MIKURUBE
Next by Thread:  Filtering a web site returned from a Proxy, Tolga Onbay
Indexes:  [Date] [Thread] [Top] [All Lists]