Re: Injecting packets back into IP system...

Andi Kleen (
20 May 1998 14:32:40 +0200

Paul Rusty Russell <> writes:

> Hi all,
> I'm using the NETLINK device (from the firewall chains) to copy
> packets out to userspace, but reinjecting the packets doesn't seem to
> have the desired effect if the packet is destined for the same
> machine. For example, injecting a raw ICMP ping packet does not
> elicit an echo response (and I am told that a TCP syn packet is
> treated with similar distain). Here is the code I am using (minus
> error checks):
> struct sockaddr_in dst;
> fw_reinject_handle = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
> dst.sin_addr.s_addr = pkt->daddr;
> dst.sin_family = AF_INET;
> sendto(fw_reinject_handle, pkt, ntohs(pkt->tot_len), 0,
> (struct sockaddr *)&dst, sizeof dst);
> Is there a better way to do this, and have the packet treated as if it
> is real? Or am I going to have to hack something (if so, where?)

Try Alan's ethertap device. It was designed for stuff like this.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to