Damiano Bolzoni wrote: > Hi people, > I wrote a kernel module that uses netfilter. I'm interested on incoming IP > packets that carry a TCP segment with SYN flag active. What I want to do is > to know which socket has been created in order to handle that connection > and I want to close it. sk_buff holds two pointer: struct sock* and struct > socket* but they point to NULL. > At this time I can test if the TCP segment has the SYN flag set but I can't > close the socket... > Anyone can help me?
This is too early in the packet processing path. The socket is not yet known. These fields is only valid on locally generated packets (outgoing/sent packets). You will need to make a call into the TCP/IP kernel to look up the local socket. Regards Henrik
