login
Search
Hello,
I want to modify the content of a packet in a kernel module.
I get this packet using NF_PRE_RPOUTING HOOK.
I have a pointer to the buffer (sk_buf).
What I need is to achieve is this:
- create a new IP header.
- create a new UDP header.
- Afterwards, the new payload should start. It should contain one new field (integer, 4 bytes)
,which is a serial number, and than the original IP header and the original UDP header
and then the original payload.
- Any ideas if it is possible to implement such a thing ?
- Any advice will be greatly appreciated.
Regards,
Mark Ryden
markryde@gmail.com
Read about it at
Read about it at http://jengelh.medozas.de/ - “Writing your own Netfilter modules”.
Re: Changing packet payload
Hello,
First, thank you for the link.
Second, it has there one section about this:
5.6 Changing packet payload
However, this section has only very few lines, and it
ends with "Expand this section" ...
I would appreciate if anybody knows about an example or more info
how changing packet payload should be done,
Regards,
Mark
Changing the packet payload
Changing the packet payload implies that you make room for it (skb_*_expand I think), modify the parts and then compute the checksum. I have not studied the available checksumming functions in detail yet, which is why the section is incomplete.
The section on creating a completely new packet -- an alternate method to "modify" a packet -- is complete, but uses zero checksums whereever possible, for the same reason.
Tunnelling
Hello!
Seems that you need some kind of tunnelling.
What you do after building this new UDP packet?
Take a look on how sit, ipip etc. tunnels in the kernel are doing; you can build another type yourself to do what you want.
Hope it helps.