NetFilter: Problem in adding additional header using NetFilter

From: Shiva Raman Pandey (shiva@sasken.com)
Date: Thu Oct 11 2001 - 10:22:42 EST

Next message: Tom Rini: "Re: Linux-2.4.10-ac11"
Previous message: willy tarreau: "Re: Linux-2.4.10-ac11"
Next in thread: James Sutherland: "Re: NetFilter: Problem in adding additional header using NetFilter"
Reply: James Sutherland: "Re: NetFilter: Problem in adding additional header using NetFilter"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Friends,
My actual requirement is to insert my own header between Ethernet header and
IP header to all the packets generated at this machine and remove the same
from all the packets meant for this machine.
So Packets leaving from this machine will look like(assume my header is
BlueTooth header)
Ethernet header -- BT header --IPheader--TCP/UDP/ICMP header
I tried to using Netfilter to solve my purpose, but found that I cant get
the packet directly from ethernet. Even the very first hook PRE_ROUTING also
gives from IP layer only.
So if I add my BT header before IP header, IP layer will not accept the
packet when I will call 'set_verdict'.
So I changed my design :(, to do some dirty work like add the copy of IP
header before BT header again.
Now it will look like
IP header--BT header--IP header--TCP/UDP/ICMP header
and at the recieving end it will remove the IP header--BT header leaving the
remaining packet starting with IP header.

For example, say ping command, packet length = 84 bytes, IP header length =
20 bytes, ICMP header length = 8bytes and my BT header length = 5 bytes
so I made the new packet of length 20+5+20+(84-20) = 109 bytes and called
the function set_verdict, with data_len = 109, and this 109 bytes long
payload.
Now at the recieving machine I should get the 109 bytes long packet, but in
fact IP_QUEUE is giving the packet of 84 bytes only, that are in fact first
84 bytes of the 109 bytes long packet.
Note - I have not touched the checksum fields.

So, my questions are :
1) When I am sending 109 bytes, why I am getting only 84 bytes?
2) I tried changing the payload[3] (ie, packet length field) to 109, in that
case the packet never reaches the destination, why?
3) Is this problem due to checksum?
4) Is there any way using netfilter, I can get the packet from ethernet
directly, that will suit my actual design? or any other easy way?
5) How can I verify that the sending machine is actually sending 109 bytes(I
mean not reducing it to 84)?

Please send me your suggestions to find out the solution for this problem

Thanks alot.
Regards
Shiva Raman Pandey
Research Associate, Computer Science -R&D
Sasken Communication Technologies Limited
Bangalore, India

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Tom Rini: "Re: Linux-2.4.10-ac11"
Previous message: willy tarreau: "Re: Linux-2.4.10-ac11"
Next in thread: James Sutherland: "Re: NetFilter: Problem in adding additional header using NetFilter"
Reply: James Sutherland: "Re: NetFilter: Problem in adding additional header using NetFilter"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Oct 15 2001 - 21:00:39 EST