> Hi all,
>
> I'm using the NETLINK device (from the firewall chains) to copy
> packets out to userspace, but reinjecting the packets doesn't seem to
> have the desired effect if the packet is destined for the same
> machine. For example, injecting a raw ICMP ping packet does not
> elicit an echo response (and I am told that a TCP syn packet is
> treated with similar distain). Here is the code I am using (minus
> error checks):
>
> struct sockaddr_in dst;
> fw_reinject_handle = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
>
> dst.sin_addr.s_addr = pkt->daddr;
> dst.sin_family = AF_INET;
>
> sendto(fw_reinject_handle, pkt, ntohs(pkt->tot_len), 0,
> (struct sockaddr *)&dst, sizeof dst);
>
> Is there a better way to do this, and have the packet treated as if it
> is real? Or am I going to have to hack something (if so, where?)
Try Alan's ethertap device. It was designed for stuff like this.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu