Problem in adding additional heade

Marc Kurtz mkurtz@dsdlabs.com
Fri, 12 Oct 2001 10:09:28 -0400


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C15327.81A63D30
Content-Type: text/plain;
	charset="iso-8859-1"

You need to change the IP total length field in the IP header and
re-checksum. You were on the right track in #2 by changing the total length
field, but I think the packet gets dropped because the IP checksum is now
incorrect.
 
-Marc Kurtz


 -----Original Message-----
From: Shiva Raman Pandey [mailto:shiva@sasken.com]
Sent: Friday, October 12, 2001 1:06 AM
To: netfilter-devel@lists.samba.org
Subject: Problem in adding additional heade


Hello Friends,
My actual requirement is to insert my own header between Ethernet header and
IP header to all the packets generated at this machine and  remove the same
from all the packets meant for this machine.
So Packets leaving from this machine will look like(assume my header is
BlueTooth header)
Ethernet header -- BT header --IPheader--TCP/UDP/ICMP header
I tried to using Netfilter to solve my purpose, but found that I cant get
the
packet directly from ethernet. Even the very first hook PRE_ROUTING also
gives
from IP layer only.
So if I add my BT header before IP header, IP layer will not accept the
packet
when I will call 'set_verdict'.
So I changed my design :(, to do some dirty work like add the copy of IP
header before BT header again.
Now it will look like
IP header--BT header--IP header--TCP/UDP/ICMP header
and at the recieving end it will remove the IP header--BT header leaving the
remaining packet starting with IP header.

For example, say ping command, packet length = 84 bytes, IP header length =
20
bytes, ICMP header length = 8bytes and my BT header length = 5 bytes
so I made the new packet of length 20+5+20+(84-20) = 109 bytes and called
the
function set_verdict, with data_len = 109, and this 109 bytes long payload.
Now at the recieving machine I should get the 109 bytes long packet, but in
fact IP_QUEUE is giving the packet of 84 bytes only, that are in fact first
84
bytes of the 109 bytes long packet.
Note - I have not touched the checksum fields.

So, my questions are :
1) When I am sending 109 bytes, why I am getting only 84 bytes?
2) I tried changing the payload[3] (ie, packet length field) to 109, in that
case the packet never reaches the destination, why?
3) Is this problem due to checksum?
4) Is there any way using netfilter, I can get the packet from ethernet
directly, that will suit my actual design? or any other easy way?
5) How can I verify that the sending machine is actually sending 109 bytes(I
mean not reducing it to 84)?

Please send me your suggestions to  find out the solution for this problem

Thanks alot.
Regards
Shiva Raman Pandey
Research Associate, Computer Science -R&D
Sasken Communication Technologies Limited
Bangalore, India


------_=_NextPart_001_01C15327.81A63D30
Content-Type: text/html;
	charset="iso-8859-1"

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">


<META content="MSHTML 5.50.4807.2300" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><SPAN class=865061214-12102001><FONT face=Arial color=#0000ff size=2>You 
need to change the IP total length field in the IP header and re-checksum. You 
were on the right track in #2&nbsp;by changing the total length field, but I 
think the packet gets dropped because the IP checksum is now 
incorrect.</FONT></SPAN></DIV>
<DIV><SPAN class=865061214-12102001><FONT face=Arial color=#0000ff 
size=2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=865061214-12102001><FONT face=Arial color=#0000ff size=2>-Marc 
Kurtz</FONT></SPAN></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px"><FONT face=Tahoma>
  <DIV class=OutlookMessageHeader dir=ltr align=left><FONT size=2><SPAN 
  class=865061214-12102001>&nbsp;</SPAN>-----Original 
  Message-----<BR><B>From:</B> Shiva Raman Pandey 
  [mailto:shiva@sasken.com]<BR><B>Sent:</B> Friday, October 12, 2001 1:06 
  AM<BR><B>To:</B> netfilter-devel@lists.samba.org<BR><B>Subject:</B> Problem in 
  adding additional heade<BR><BR></DIV></FONT></FONT>
  <DIV><FONT face=Arial size=2>Hello Friends,<BR>My actual requirement is to 
  insert my own header between Ethernet header and<BR>IP header to all the 
  packets generated at this machine and&nbsp; remove the same<BR>from all the 
  packets meant for this machine.<BR>So Packets leaving from this machine will 
  look like(assume my header is<BR>BlueTooth header)<BR>Ethernet header -- BT 
  header --IPheader--TCP/UDP/ICMP header<BR>I tried to using Netfilter to solve 
  my purpose, but found that I cant get the<BR>packet directly from ethernet. 
  Even the very first hook PRE_ROUTING also gives<BR>from IP layer only.<BR>So 
  if I add my BT header before IP header, IP layer will not accept the 
  packet<BR>when I will call 'set_verdict'.<BR>So I changed my design :(, to do 
  some dirty work like add the copy of IP<BR>header before BT header 
  again.<BR>Now it will look like<BR>IP header--BT header--IP 
  header--TCP/UDP/ICMP header<BR>and at the recieving end it will remove the IP 
  header--BT header leaving the<BR>remaining packet starting with IP 
  header.<BR><BR>For example, say ping command, packet length = 84 bytes, IP 
  header length = 20<BR>bytes, ICMP header length = 8bytes and my BT header 
  length = 5 bytes<BR>so I made the new packet of length 20+5+20+(84-20) = 109 
  bytes and called the<BR>function set_verdict, with data_len = 109, and this 
  109 bytes long payload.<BR>Now at the recieving machine I should get the 109 
  bytes long packet, but in<BR>fact IP_QUEUE is giving the packet of 84 bytes 
  only, that are in fact first 84<BR>bytes of the 109 bytes long packet.<BR>Note 
  - I have not touched the checksum fields.<BR><BR>So, my questions are :<BR>1) 
  When I am sending 109 bytes, why I am getting only 84 bytes?<BR>2) I tried 
  changing the payload[3] (ie, packet length field) to 109, in that<BR>case the 
  packet never reaches the destination, why?<BR>3) Is this problem due to 
  checksum?<BR>4) Is there any way using netfilter, I can get the packet from 
  ethernet<BR>directly, that will suit my actual design? or any other easy 
  way?<BR>5) How can I verify that the sending machine is actually sending 109 
  bytes(I<BR>mean not reducing it to 84)?<BR><BR>Please send me your suggestions 
  to&nbsp; find out the solution for this problem<BR><BR>Thanks 
  alot.<BR>Regards<BR>Shiva Raman Pandey<BR>Research Associate, Computer Science 
  -R&amp;D<BR>Sasken Communication Technologies Limited<BR>Bangalore, 
  India</FONT></DIV></BLOCKQUOTE></BODY></HTML>

------_=_NextPart_001_01C15327.81A63D30--