|
Hello, I wrote a linux
module which is binded on the bridge module using various
standard “hook” points. I use a linux
kernel version 2.4.17 with the standard bridge module. Hook points used in my module
are: NF_BR_POST_ROUTING and NF_BR_LOCAL_IN. When I receive a packet in
hook handler, I return a NF_QUEUE value, so I get the packet in the queue
handler registered with: nf_register_queue_handler(PF_BRIDGE, bridge_handler, NULL). Till here everything is good. But I have 3 problems: 1) My module needs to access
to the entire frame, but when I receive a packet in my handler, skb->data points on the beginning of the IP header (not
the ethernet). To solve this problem, I simply used skb_push(skb, ETH_HLEN) and then skb_pull(skb, ETH_HLEN) to make skb->data
point on the Ethernet header. Is this method correct for both hook points (NF_BR_POST_ROUTING
and NF_BR_LOCAL_IN). 2) It seems that under
certain circumstances, the ip header is not
completely valid : IP addresses are good, protocol is
correct, but ihl, version, and tot_len
are not set (00 filled bytes). 3) My linux
box is running both a bridge (with 2 ethernet cards)
and an http server binded on the virtual interface.
Using the method described in 1), I saw in my handler a TCP packet with SYN-ACK
flags, port 80, (i.e. : start of connexion) with a
broadcast destination ethernet address
(ff-ff-ff-ff-ff-ff). I can’t understand how it is possible. I think it
could be a problem with the skb_push on locally
generated packets. Thanks for helpers Jerome Tollet |
_______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
