On Thursday 05 June 2003 11:51, J�r�me Tollet wrote: > But I have 3 problems: > 1) My module needs to access to the entire frame, but when I receive a > packet in my handler, skb->data points on the beginning of the IP header > (not the ethernet). To solve this problem, I simply used skb_push(skb, > ETH_HLEN) and then skb_pull(skb, ETH_HLEN) to make skb->data point on > the Ethernet header. Is this method correct for both hook points > (NF_BR_POST_ROUTING and NF_BR_LOCAL_IN).
Yeah, that's fine. > 2) It seems that under certain circumstances, the ip header is not > completely valid : IP addresses are good, protocol is correct, but ihl, > version, and tot_len are not set (00 filled bytes). I doubt this is a Linux bug... What does tcpdump say? > 3) My linux box is running both a bridge (with 2 ethernet cards) and an > http server binded on the virtual interface. Using the method described > in 1), I saw in my handler a TCP packet with SYN-ACK flags, port 80, > (i.e. : start of connexion) with a broadcast destination ethernet > address (ff-ff-ff-ff-ff-ff). I can�t understand how it is possible. I > think it could be a problem with the skb_push on locally generated > packets. In POSTROUTING the mac destination address is already filled in correctly, for any packet/frame entering it... cheers, Bart _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
