The incoming packets will fit particular criteria, such as what port they are connecting to, what options and flags are set, etc. The outgoing packet really depends on what was incoming. We see what pattern we matched as, and then we have a hash table of modifications for the packet (just about anything can be modified) that we'll need to perform. The trouble is making sure we're modifying the correct outgoing packet, which is the response to the packet that came in.
Jeff Shipman - CCD
Sandia National Laboratories
(505) 844-1158 / MS-1372

-----Original Message-----
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 09, 2002 4:04 PM
To: Shipman, Jeffrey E; '[EMAIL PROTECTED]'
Subject: Re: a question on marking packets

Mark values are unique per packet. The response packet will get a new mark value, initially 0, but there is help. See the CONNMARK patch in patch-o-matic. It adds a similar mark value to conntrack, allowing you to mark a connection rather than individual packets.

Why do you need mark values to know which packets to modify? How are you modifying packets, and why? Perhaps there is a better way if you describe a little of what you are up to doing.

Regards
Henrik Nordström
MARA Systems AB, Sweden

Shipman, Jeffrey E wrote:
> I have a situation where I need to be able to
> mark packets on the NF_IP_LOCAL_IN hook that
> match certain patterns we will be watching
> for. This is because after accepting the packet and
> the response packet is generated (NF_IP_LOCAL_OUT),
> we must be able to know how to modify this packet
> depending on the results from that incoming
> packet. Does anyone have some advice on how to properly
> mark these packets so we can do this? Any tips
> or direction on where to look would be most
> appreciated.
>
> TIA,
>
> Jeff Shipman - CCD
> Sandia National Laboratories
> (505) 844-1158 / MS-1372
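The exchange above turns on one point: a per-packet mark set at NF_IP_LOCAL_IN is gone by the time the locally generated reply reaches NF_IP_LOCAL_OUT, so the mark has to live on the connection (what CONNMARK adds to conntrack) and be looked up by the reply's 5-tuple. The following is an added example, not code from the thread or from netfilter: a user-space simulation of that idea. The packet layout, the hook-like functions `hook_local_in`/`hook_local_out`, the hash table standing in for the conntrack table, the "GET on port 80" classifier and the `modification_for` action table are all hypothetical stand-ins chosen for illustration.

```c
/*
 * Added example (not from the thread, not the netfilter API): marking the
 * connection instead of the packet, simulated in user space.  The reply is a
 * brand-new packet whose per-packet mark starts at 0; the connection mark,
 * keyed on the direction-independent 5-tuple, is what survives to the output hook.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct tuple { uint32_t saddr, daddr; uint16_t sport, dport; uint8_t proto; };

struct packet {
    struct tuple t;
    uint32_t nfmark;       /* per-packet mark: a freshly built reply starts at 0 */
    const char *payload;
};

enum { MARK_NONE = 0, MARK_HTTP_GET = 1 };

/* Order the endpoints so a request and its reply map to the same key. */
static void canon(const struct tuple *t, struct tuple *out)
{
    if (t->saddr < t->daddr || (t->saddr == t->daddr && t->sport <= t->dport)) {
        *out = *t;
    } else {
        out->saddr = t->daddr; out->daddr = t->saddr;
        out->sport = t->dport; out->dport = t->sport;
        out->proto = t->proto;
    }
}

#define NBUCKETS 64
struct conn { struct tuple key; uint32_t mark; int used; };
static struct conn conns[NBUCKETS];   /* hypothetical stand-in for the conntrack table */

/* FNV-1a over the fields (not the raw struct bytes, which include padding). */
static uint32_t tuple_hash(const struct tuple *k)
{
    uint32_t v[5] = { k->saddr, k->daddr, k->sport, k->dport, k->proto };
    uint32_t h = 2166136261u;
    for (int i = 0; i < 5; i++) { h ^= v[i]; h *= 16777619u; }
    return h % NBUCKETS;
}

static int tuple_eq(const struct tuple *a, const struct tuple *b)
{
    return a->saddr == b->saddr && a->daddr == b->daddr &&
           a->sport == b->sport && a->dport == b->dport && a->proto == b->proto;
}

/* Find the connection a packet belongs to, in either direction; optionally create it. */
static struct conn *conn_lookup(const struct tuple *pkt, int create)
{
    struct tuple key;
    canon(pkt, &key);
    uint32_t i = tuple_hash(&key);
    for (int n = 0; n < NBUCKETS; n++, i = (i + 1) % NBUCKETS) {
        if (!conns[i].used) {
            if (!create) return NULL;
            conns[i].used = 1; conns[i].key = key; conns[i].mark = MARK_NONE;
            return &conns[i];
        }
        if (tuple_eq(&conns[i].key, &key)) return &conns[i];
    }
    return NULL;  /* table full */
}

/* Stand-in for the NF_IP_LOCAL_IN hook: classify the packet, mark its connection. */
uint32_t hook_local_in(struct packet *p)
{
    struct conn *c = conn_lookup(&p->t, 1);
    if (!c) return MARK_NONE;
    if (p->t.proto == 6 && p->t.dport == 80 && p->payload &&
        strncmp(p->payload, "GET ", 4) == 0)
        c->mark = MARK_HTTP_GET;               /* hypothetical pattern for illustration */
    p->nfmark = c->mark;   /* the per-packet mark too; the reply will not inherit it */
    return c->mark;
}

/* Stand-in for the NF_IP_LOCAL_OUT hook: recover the mark through the connection. */
uint32_t hook_local_out(const struct packet *p)
{
    const struct conn *c = conn_lookup(&p->t, 0);
    return c ? c->mark : MARK_NONE;
}

/* The mark then selects which modification to apply to the reply (hypothetical action). */
const char *modification_for(uint32_t mark)
{
    switch (mark) {
    case MARK_HTTP_GET: return "rewrite-Server-header";
    default:            return NULL;
    }
}

int main(void)
{
    /* Constructed sample traffic: a request to local port 80 and its reply. */
    struct packet req = { {0x0a000001u, 0x0a000002u, 40000, 80, 6}, 0, "GET / HTTP/1.0\r\n" };
    struct packet rep = { {0x0a000002u, 0x0a000001u, 80, 40000, 6}, 0, "HTTP/1.0 200 OK\r\n" };
    hook_local_in(&req);
    printf("reply nfmark=%u connmark=%u action=%s\n", rep.nfmark,
           hook_local_out(&rep), modification_for(hook_local_out(&rep)));
    return 0;
}
```

The per-packet mark on `rep` stays 0 no matter what was done to `req`, which is Henrik's point; the connection lookup is what links the two. Real conntrack also normalises the reply tuple for NAT and expires entries, neither of which this toy table does.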