Re: ip_queue.c and TCP resets
From: Patrick McHardy
Date: Tue Aug 30 2005 - 17:43:05 EST
Michael Rash wrote:
> Attached is a patch against
> linux-2.6.11.12/net/ipv4/netfilter/ip_queue.c to put Ethernet MAC
> addresses directly into the indev_name and outdev_name portions of the
> ipq_packet_msg struct. This is a total kludge and I doubt anyone else
> will find this useful, but for libipq IPS applications it allows TCP
> resets and other response traffic to be sent out of the appropriate
> physical ports when running as an Ethernet bridge. I'm sure there are
> better ways to do this, but it seems to work.
ip_queue messages already include the source mac address in the hw_addr
field. The destination isn't included because except with bridge
netfilter it is always the local mac address. If you also need the
destination MAC we could consider including it in nfnetlink_queue
since its new and we don't have to worry about userspace compatibility
at this time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/