NetFilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Routing packets via a C program

from [Jan Engelhardt] [Permanent Link][Original]
To: Luca Bedogni <bedogniluca-linux@yahoo.it>
Subject: Re: Routing packets via a C program
From: Jan Engelhardt <jengelh@linux01.gwdg.de>
Date: Sat, 27 Jan 2007 15:55:29 +0100 (MET)
Cc: netfilter@lists.netfilter.org
Delivered-to: sp-com-lists@consult.net
Delivered-to: netfilter-list1@securepoint.com
In-reply-to: <200701220958.51794.bedogniluca-linux@yahoo.it>
List-archive: </pipermail/netfilter>
List-help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id: General discussion and user questions <netfilter.lists.netfilter.org>
List-post: <mailto:netfilter@lists.netfilter.org>
List-subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
References: <200701220958.51794.bedogniluca-linux@yahoo.it>
Sender: netfilter-bounces@lists.netfilter.org 
On Jan 22 2007 09:58, Luca Bedogni wrote:
>
>Hi all
>       i'm writing down a simple program for routing the packets manually. The
>idea is: if a packet comes from a specific IP (192.168.0.2) I set ip->saddr to
>my ip and then accept it. And, if a packets comes from the outside, i set
>ip->daddr to 192.168.0.2 and then accept it. I recalculate the checksum and
>it's correct (i can see that by printing out it).

What for - are you trying some nifty SNAT/DNAT trick?

>The basic problem is that, sniffing packets with wireshark, i can see the 
>packet from 192.168.0.2 to outside, but not mine to outside.
>
>I also tried with NF_REPEAT and NF_ACCEPT and NF_QUEUE when calling 
>ipq_set_verdict, but nothing changed..

You should be fine by QUEUEing packets in PREROUTING (or at least somewhere
before the <Routing Decision> in [PacketFlow]), modify them in your userspace
program, reinject them, and have the <Routing Decision> do the right then.


        -`J'
--
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: port forwarding through localhost, Jan Engelhardt
Next by Date:  Re: redirecting on a local machine, Jan Engelhardt
Previous by Thread:  Routing packets via a C program, Luca Bedogni
Next by Thread:  Re: Routing packets via a C program, Luca Bedogni
Indexes:  [Date] [Thread] [Top] [All Lists]