Hi;
Thanks again.
I will try to reproduce the panic to send more info.
Another question.
I saw b50 yesterday but without the packet filter code. I was told here
in SUN Isreal that b50
will include the packet filter hook code.
There is any new ipfhook code comming for b50? I saw also in a blog that
ipfhook will be part of the Solaris 10 3 beta ( 11/06 beta ), is this
correct ?
Thanks
Diego B
Darren Reed wrote:
Diego B wrote:
Hi Darren
Pls see inline.
Thanks for your help.
Darren Reed wrote:
Diego B wrote:
Hi;
We are implementing a module based on the early packet filtering
hooks API.
This module is ported from the netfilter Linux API.
Now my question;
We are trying to put packets on the net as soon as we got them and
change some parameters to the IP and UDP
headers.
So we catch them in the pre-routing hook (PHYSCAL_IN), change some
fields
and we want to put it on the wire ASAP.
My question is: What is the bes way to do that ?
We tried doing net_inject(DIRECT) with the modified packet but the
system panic all the time.
Can I get any sample code on how to use net_inject ? It is full
implemented ?
Or doing net_inject(DIRECT) is not the best way ?
How do you want the system to treat the packet?
If you know the exact interface to send it out and you do not want
to see it again with PHYSICAL_OUT, then you can use DIRECT.
Yes, that is exactly what I want. The packet has to go out from the
same interface it comes in.
I actually change the source IP address, the Dst IP address, the
source UDP port and the dst UDP port.
And want the packet to go out. There is any extra field I have to
add/change in order to send this packet ?
If you are just swapping fields around, there should be no need to
change anything.
And nothing you are doing, by changing the packet in this way, should
make a panic.
Do I need to set any routing parameters ? checksums or others ?
I don't believe you need to do any of these.
Do I need to clone ( make a deep copy ) the packet I got as parameter
of the hook
to send in net_inject?
No.
Or I can just modify it an send it in net_inject ?
That is the intention, yes.
Darren
_______________________________________________
networking-discuss mailing list
[email protected]
