Menu
▾
▴
Re: [Divert] Linux 2.4.x kernel?
|
From: Ilia B. <ib...@pi...> - 2001-06-29 17:11:52
|
Netfilter, I think, has two parts - there is a kernel API and there are some modules for user-space delivery of intercepted packets. Divert sockets will be ported to 2.4 - I am starting work on that, and it will be one such module. It will still be a user-space mechanism, good for prototyping and low-throughput applications, but for any kind of decent perfromance you will have to do your stuff in the kernel using netfilter API directly. In the kernel it won't make a difference whether the packet was intercepted or created from scratch - you will have access to the kernel sk_buff allocation API that will allow you to create a packet, should you want to inject one without intercepting it first. -ilia Jan Møller wrote: > I would say that netfiter can do almost the same as divert sockets. But > there is a major difference. > When using netfilter you can modify and remove packets in the packet > stream. > When using divert sockets you can modify, remove and inject packets in the > packet stream. > The packet injection is a very important feature for some uses. > > Unfortunately you cannot do that with netfilter in the Linux 2.4 kernel. > When a packet pops from the kernel to userspace using netfilter, the user > space application may either ignore it (remove it from the packet stream) > or modify it. You cannot inject a packet without receiving one first. > > It would infact be nice if divert would be ported to Linux 2.4 or if > netfilter would allow packet injection. > > -- J. Miller > > ------------------------------------------------------------------------- > Divert Sockets for Linux List > mailto:di...@li... > http://www.anr.mcnc.org/~divert > ------------------------------------------------------------------------- -- -------------------------------------+---------------------- Ilia Baldine, PhD | ib...@an... Network Research Engineer, | ph#:(919)248-1847 Advanced Networking Research, MCNC | FAX:(919)248-1455 http://people.anr.mcnc.org/~ibaldin | -------------------------------------+---------------------- "I used to think the brain was the most important part of the body, but then I realized who was telling me that." -Emo Philips ------------------------------------------------------------ ------------------------------------------------------------------------- Divert Sockets for Linux List mailto:di...@li... http://www.anr.mcnc.org/~divert ------------------------------------------------------------------------- |
