
sebastienleger at yahoo
Sep 13, 2007, 6:20 AM
is skb payload missing when using NF_IP_POST_ROUTING ?
Hi,

I'm trying to develop a queue handler using netfilter and iptables mangling to catch all data coming in and out of my network card. I'm using a hook on NF_IP_PRE_ROUTING and another one on NF_IP_POST_ROUTING.

Everything is running fine but... unfortunately, all skbs received on the NF_IP_POST_ROUTING hook seem to have an uninitialized random payload; however, the packet length is correct (the size is retrieved from IP header analysis, not from the skb length field). The packet payload is dumped to dmesg and compared to a live tcpdump capture running in the background: dmesg contains junk data above the TCP layer instead of pure FTP :(((

Does it mean that the skb payload is not yet available when NF_IP_POST_ROUTING hooks are called? My understanding was that post routing was called just before sending the packet on the network device; is that wrong? If I misunderstood, how can I catch packets coming out of my device and access their full content?

Thanks in advance for your help.

best regards,
--
sebastien

My kernel is linux-2.6.17-14mdv, and iptables v1.3.5.

I'm using simple commands to configure iptables:

    iptables -t mangle -I PREROUTING -j TEST -i eth0
    iptables -t mangle -I POSTROUTING -j TEST

-> I'm using the following function to determine packet size:

    int getpacket_size(const struct sk_buff* packet)
    {
        if (NULL == packet) {
            return 0;
        }
        /* skb->protocol is kept in network byte order */
        if (packet->protocol == htons(ETH_P_IP)) {
            /* IPv4: use the total length field of the IP header */
            return ntohs(((struct iphdr*)packet->data)->tot_len);
        }
        /* anything else: fall back to the skb length field */
        return packet->len;
    }

-> and this is my queue handler function:

    static int my_queue_handler(struct sk_buff *skb,
                                struct nf_info *info,
                                unsigned int queuenum,
                                void *data)
    {
        /* dump at most the first 80 bytes starting at skb->data */
        printk("Pk content is:");
        dump_packet_debug(skb->data, min(80, getpacket_size(skb)));
        printk("\n");

        /* hand the packet back to netfilter unchanged */
        nf_reinject(skb, info, NF_ACCEPT);
        return 0;
    }