Re: using sk_buffer

Andi Kleen (ak@muc.de)
30 Jan 1999 15:05:33 +0100


In article <19990130115940.A266@polgara.ndh.net>,
mp@ndh.net (Marc Plaggemeier) writes:
> Hello,
> i have some problems using sk_buffers and Kernel 2.2.x. Perhaps someone
> could help me. (I tried to look in the archive, but the search engine did not work)

> First of all: is there a good documentation about using sk_buffers?

> Now my Problem:

> I want to write a little "Firewall". My problem is, how to reply
> to an "echo request" ( I do not want to block them).
> I am getting (struct firewall_ops *this, int pf,
> struct device *dev, void *phdr, void *arg, struct sk_buff **pskb) from
> the function firewall_(forward|input|output)_check.
> I think, this is all I need.

You don't say it, but I assume you are hoking into a input firewall chain.

> I though, I could use the **pskb to reply to the request.
> I looked in net/ipv4/ip_* to learn how to manage the sk_buffers.

> But everytime I want to send the buffer, the computer crashs.
> I used skb->dst->output (skb) (like the functions in ip_output.c)
> or dev_queue_xmit (skb).

On input time the skb carries an input route which points to the local
delivery function. If you call skb->output on input again you'll get an
endless recursion which will quickly fill up the kernel stack and crash
the machine.

> Even when I create a new sk_buffer (allocating mem and so on),
> it did not work. When using skb->dst->output my computer reboots, when
> using dev_queue_xmit nothing happens.

You have to generate a correct header (with ICMP header, correct destination
and source address based on the original packet, payload), then look up the
output route for it (using ip_route_output). See icmp.c for an example. I assume
you want to spoof ICMP echo replies, please be advised that this is generally
a bad idea (and do not even think about doing the same thing for TCP!)

> I do not want to bother you, but could someone give me a litle example
> or send me a url where I can learn more about using sk_buffer?

http://www.uk.linux.org/Documents/buffers.html has a basic introduction, but
for the kind of stuff you seem to want to do you'll need to do RTFS. Perhaps
the SF source will be helpful (http://www.ifi.unizh.ch/ikm/SINUS/firewall.html)

-Andi

-- 
This is like TV. I don't like TV.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/