Stealing IP packet in kernel space and reinjecting later
Sat, 11 Aug 2001 14:38:37 -0700 (PDT)
--- Herve Masson <email@example.com> wrote:
> Hi all,
> I've a kernel piece of code that need to hold few IP packets for a while
> and reinject them back from where they were stolen. I use the netfilter
> queuing mechanism to do that (the capture hook code returns NF_STOLEN
> and I use nf_reinject() to continue the normal processing).
> My problem is that when doing so, my queue handler prevent the use of
> 'ip_queue' module.
> My question is: is there another mechanism that have the same
> purpose without monopolizing the PF_INET queue handler ?
> Hervé Masson
Unfortunately, no. The current netfilter queue registration
mechanism only allows one registrar for one protocol. Thus, you would either
have to use ip_queue and just hold the packet in userspace, which is almost
better because it can be swapped ;-), or hack net/core/netfilter.c to allow
multiple registrars for a PF_ family. BTW would this be a good feature,
Permanent e-mail: firstname.lastname@example.org
Current e-mail: email@example.com
Reply to the address I used in the message to you,
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.