Fwd: [Fwd: Re: trying to revive rtsp]

Punky punkytse at gmail.com
Mon Feb 27 10:44:19 CET 2006

Hi all,

I am helping Mickael to resend his rtsp patch as he found his mail
can't get to the list promptly.  As far, I am able to use his patch on
my own 2.6.15 kernel.  He already has another cleaner version of the
patch and will post to the list later.

- Punky

---------- Forwarded message ----------
From: Mickael Marchand <marchand at kde.org>
Date: Feb 21, 2006 2:56 PM
Subject: [Fwd: Re: trying to revive rtsp]
To: punkytse at gmail.com

resent to you as my mail to netfilter-devel seems to take ages to get in ...


-------- Original Message --------
Subject: Re: trying to revive rtsp
Date: Mon, 20 Feb 2006 21:16:49 +0100
From: Mickael Marchand <marchand at kde.org>
To: Patrick McHardy <kaber at trash.net>
CC: netfilter-devel at lists.netfilter.org
References: <43F87D21.7090305 at kde.org> <43F9FE37.9020109 at trash.net>


thanks for the tip Patrick, there were 2 bugs in my expectation paquet
as you thought, and I was missing the expectfn function mainly.

after fighting some hours with the code, importing old code back,
merging code from ip_conntrack_irc, I have been able to watch 3 RTSP
streams simultaneously behind my iptables firewall :)

it's probably bad code that definitely needs review and help from
others, my knowledge of netfilter being so low.

full patch against 2.6.15 attached

I will try to improve it if experienced netfilter people can give me the
good directions.

all comments are welcome :)

and well, of course, testers are welcome too.


Patrick McHardy wrote:
> Mickael Marchand wrote:
>>I am really a newbie to the netfilter coding world, so please forgive
>>any stupid questions :)
>>I have mostly ported the old rtsp conntrack+nat code to recent 2.6
>>kernels, compiles and loads fine into the kernel,
>>but I have some problems to make it work now :)
>>the initial TCP connexion to the RTSP server:554 is correctly detected
>>and the expectation packet seems to be properly setup :
>>cat /proc/net/ip_conntrack_expect
>>255 proto=17 src= dst= sport=0 dport=33302
>> is the RTSP server, is the client, is
>>the netfilter box.
>>so once the TCP connexion has been established, we expect a UDP stream
>>from the server going to the client port 33302.
>>my problem is that the expected packet does not get through the
>>netfilter box, I can see the UDP stream coming from the RTSP server and
>>going to my netfilter box,
>>the expectation packet seems to get removed of
>>/proc/net/ip_conntrack_expect as well (so basically it looks all good)
>>but the netfilter box does not forward packets to
>>so it looks like a NAT problem to me, maybe the UDP packets are not
>>getting NAT-ed back to the client.
>>my first question would be :
>>is it expected to see in the expected paquet ?
>>should not it be my external IP instead ?
>>any tips in what direction I could look ? :)
> Probably something related to the expect API changes and/or missing
> initializations. Compare your helper with other helpers and make sure
> you initialize all fields of struct ip_conntrack_expect properly.

P U N K N ! X  . c o m
Technology + Lifestyle

Voyage Linux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2.6.15-rtsp.patch
Type: text/x-patch
Size: 41377 bytes
Desc: not available
Url : /pipermail/netfilter-devel/attachments/20060227/c2a47737/2.6.15-rtsp-0001.bin

More information about the netfilter-devel mailing list