Injecting packets back into IP system...

Paul Rusty Russell (
Wed, 20 May 1998 22:52:20 +0930

Hi all,

I'm using the NETLINK device (from the firewall chains) to copy
packets out to userspace, but reinjecting the packets doesn't seem to
have the desired effect if the packet is destined for the same
machine. For example, injecting a raw ICMP ping packet does not
elicit an echo response (and I am told that a TCP syn packet is
treated with similar distain). Here is the code I am using (minus
error checks):

struct sockaddr_in dst;
fw_reinject_handle = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);

dst.sin_addr.s_addr = pkt->daddr;
dst.sin_family = AF_INET;

sendto(fw_reinject_handle, pkt, ntohs(pkt->tot_len), 0,
(struct sockaddr *)&dst, sizeof dst);

Is there a better way to do this, and have the packet treated as if it
is real? Or am I going to have to hack something (if so, where?)


 .sig lost in the mail.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to