El Thu, 01 Mar 2007 12:25:23 +0700
Mulyadi Santosa <mulyadi.santosa@xxxxxxxxx> ha escrit:
Hithe problem is that with a active RTP flow arriving to the boxI am just adding another "suspect" here. The tcpdump (which is using
(tcpdump can see it) my function doesn't get any packet.
however, when the same box that is capturing also participates in
the RTP flow, it's received correctly in the hook.
so, why is not working the promiscuous mode? i'm missing something?
libpcap) might be operating at layer 2 (data link?), while netfilter
operates in layer 3. Since this is just "sniffing", layer 2 of Linux
network stack quickly revealed that this packet is not actually for
your machine, so it it dropped.
yes, it's what now i know, netfilter hooks only get traffic that comes
in layer 3, but i saw that there's a 'promisc' patch (for Linux 2.4) at:
and i don't know if its a similar feature for Linux 2.6, that will be
i wrote to netfilter-devel mailing list
(with no results at the moment)
Maybe, you can observe the code from program like Dug Song's dsniff
and see how it did the monitoring or even packet interception.
yes, but i need to get this working in kernel space, so it's an
academic work. in addition, the module can block traffic, when running
in a router, and for this reason i implemented it in kernel space.
thanks for your help,
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ