Re: [Ebtables-devel] PPPoE ip extraction
Brought to you by:
bdschuym
Menu
▾
▴
Re: [Ebtables-devel] PPPoE ip extraction
|
From: Marek J. <Mar...@gm...> - 2006-07-06 11:18:24
|
Thx Bart, i figured it out yesterday the other way around. I moved the rest of the packet down in order to overwrite the ppp header. This is what I intended to write: The skb->data pointer just points to the start of the current protocol header. This is the first Layer encapsulated in the Ethernet packet for the ebtables code. As changing the data pointer apparantly does not help I just overwrote the pppoe+ppp header and copied the IP Proto field into the Ethernet header: memcpy(eth_hdr(*pskb)->h_dest, in->dev_addr, ETH_ALEN); eth_hdr(*pskb)->h_proto=htons(ETH_P_IP); memcpy((*pskb)->data,(*pskb)->datasizeof(pppoe),(*pskb)->end-(*pskb)->data); Ok this seems to work. In general, I see that I lack a great deal of kernel-programming-experience ;-) One question though, I manage to extract the IP packet but apparently it then (after the REDIRECT in ebtables) the INPUT table of the netfilter ? Would it be possible to direct it to the PREROUTING where I could use the iptables REDIRECT to a local port ? Marek Am Donnerstag, den 06.07.2006, 11:03 +0000 schrieb bds...@pa...: > >----- Oorspronkelijk bericht ----- > >Van: Marek Jawurek [mailto:Mar...@gm...] > >Verzonden: dinsdag, juli 4, 2006 07:22 PM > >Aan: ebt...@li... > >Onderwerp: [Ebtables-devel] PPPoE ip extraction > > >It's me again, > >now I have more time to deal with the described problem and I have been > >successfull as far as I can see. I'll submit a patch when the code is of > >better quality. But on my way I figured that the match code is not the > >only thing I need to change. I want to extract IP packets from a PPPoE > >stream that goes through my bridge. Therefore I want to write a target > >similar to the redirect target but which additionally extracts the IP > >from the PPP. For starters I copied the ebt_redirect.c code and tried to > >strip the PPPoe+PPP header off using skb_pull() and changing the > >skb_buff -ethernet proto to IP. But I ran into 2 problems: > > > >1. in ebt_redirect.c/ebt_extract.c in ebt_target_extract there is a > >check whether the supplied skbuffer is a cloned/shared one, if it is it > >is copied and further operations are applied to the copy. When can this > >happen ? Is there a schematic how all packets traverse the differnt > >functions of the ebtables/kernel socket code ? > > Packets can be shared as long as they are not altered. If you want to alter a shared packet, you must instead make a private copy of it first and then continue. That's because the other code that is sharing it, isn't expecting it to change. When you run tcpdump f.e., it will share the packet. Usually, you won't be sharing it with anything though. I don't think this has anything to do with your problem. > > >The next problem might be connected to this one, If the packet I work on > >is a copy then it could explain the strane behaviour: > > > >2. Although I managed to change the ethernet proto to IP and although > >the call to skb_pull is successfull (the debug output tells me that the > >data pointer in the skbuffer has been raised by sizeof(PPPoe+PPP header) > >[8byte] apparantly the skb is passed to the local machiene as it was > >before except for the changed ethernet proto field. > > If I understand you correctly, you want to send out a packet with an Ethernet header followed by the IP stuff (dropping the ppp header). Then you'll need to copy the Ethernet header so that it is situated right before the IP header (overwriting the ppp header), and you'll need to update the skb->mac.raw pointer. > > cheers, > Bart > > > -- Marek Jawurek <Mar...@gm...> |
