Routing packets via a C program
bedogniluca-linux at yahoo.it
Tue Jan 30 17:14:10 CET 2007
On Saturday 27 January 2007 15:55, Jan Engelhardt wrote:
> On Jan 22 2007 09:58, Luca Bedogni wrote:
> >Hi all
> > i'm writing down a simple program for routing the packets manually. The
> >idea is: if a packet comes from a specific IP (192.168.0.2) I set
> > ip->saddr to my ip and then accept it. And, if a packets comes from the
> > outside, i set ip->daddr to 192.168.0.2 and then accept it. I recalculate
> > the checksum and it's correct (i can see that by printing out it).
> What for - are you trying some nifty SNAT/DNAT trick?
Yes, i want to monitor performances and such via normal routing and via
> >The basic problem is that, sniffing packets with wireshark, i can see the
> >packet from 192.168.0.2 to outside, but not mine to outside.
> >I also tried with NF_REPEAT and NF_ACCEPT and NF_QUEUE when calling
> >ipq_set_verdict, but nothing changed..
> You should be fine by QUEUEing packets in PREROUTING (or at least somewhere
> before the <Routing Decision> in [PacketFlow]), modify them in your
> userspace program, reinject them, and have the <Routing Decision> do the
> right then.
Yes i basically do this, but the packets aren't reinjected. I change the IP
and recalculate the checksum, but when calling ipq_set_verdict I can't see
any packets on the wire :(
Any other hint?
Debian Powered GNU/Linux User #373118
Bedogni Luca - Blog | http://blog.lucabedogni.it
Site | http://www.lucabedogni.it
Debianizzati - www.debianizzati.org | Founder Member
Better paranoid than sorry
More information about the netfilter