libipq and QUEUE
Maarten Wijnants
maarten.wijnants at pandora.be
Thu Mar 31 09:57:18 CEST 2005
Hi Jorn,
It IS possible to change the destination address of a packet in userspace
using libipq and the QUEUE target. However, if you do this, it is my
experience NO rerouting will occur. For example, if you change a packet's
destination from X to Y using libipq and subsequently reinsert the packet in
the kernel, the packet will still be delivered to machine X, although the
header of the packet will specify it is destined for machine Y! If you want
rerouting to occur, I think you are better off with the NAT table (I myself
have no experience with this).
greetings,
Maarten
----- Original Message -----
From: "Jørn Andre Berntzen" <jornandr at stud.ntnu.no>
To: "Netfilter Development Mailinglist"
<netfilter-devel at lists.netfilter.org>
Sent: Thursday, March 31, 2005 9:05 AM
Subject: libipq and QUEUE
Hi
I'm trying to write a redirect code that will change the destination
address
on specific packets using libipq and trying to avoid coding a
kernel-module.
From reading the man page on libipq and the functions one should be able
to manipulate the packet, update the checksum and reinject the packet to
kernel.
Has anyone here done this successfully or am I on the wrong path?
Is it possible to change the destination address using the ipq library and
the QUEUE target or does one have to make a module for doing this?
Any help is greatly appreciated.
Regards,
Jørn Andre
More information about the netfilter-devel
mailing list