Question

I am building a module that does massive mangling of the protocol contained within. I am only mangling Layer 4 packets. I convert them back on the other end to how they should be. The packet size is still 1:1, so there really isn't a need to reallocate skb...

That said, I change skb->data, and then return NF_ACCEPT from my NF_IP_LOCAL_OUT hook. I have another hook that shows me that the sk_buff is passed to NF_IP_POST_ROUTING, but the packet never actually leaves the host (as in I don't see it in Wireshark). I can't figure out what is going on. Is the packet being dropped somewhere? I am not using any other kernel hooks other than the netfilter hooks and I am not manipulating the destination, so it should leave the machine without question.

Any ideas what might be causing it? Do I need to register my custom IPPROTO with the kernel? I have it in /etc/protocols; I figured that would be enough. Or am I just going down the wrong path entirely? I tried working with the ESP and AH code that's in the kernel for IPsec, since it also mangles the packets, but all the transform code is more complicated than I need for what I am doing.


Solution

Resolution

It would seem I was doing everything correctly with a single exception. I wasn't recalculating the IP header's checksum (since I was changing the protocol id itself, this is mandatory).

Code

iph->check = 0;                            /* field must be zero while the sum is computed */
iph->check = ip_fast_csum(iph, iph->ihl);  /* ihl is the header length in 32-bit words */

And presto it worked.
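
The effect described in this answer can be reproduced in user space. The following is an added example, not code from the original post: it implements the RFC 1071 header checksum byte by byte and shows that rewriting the protocol field leaves the stored checksum stale until it is zeroed and recomputed. The sample header bytes are constructed, and protocol number 253 (reserved for experimentation) is an assumed stand-in for the custom IPPROTO.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 1071 checksum over an IPv4 header of `ihl` 32-bit words.
 * With the checksum field zeroed it returns the value to store there;
 * over a header whose stored checksum is correct it returns 0. */
static uint16_t ip_hdr_csum(const uint8_t *hdr, unsigned ihl)
{
    uint32_t sum = 0;
    for (unsigned i = 0; i < ihl * 4u; i += 2)
        sum += ((uint32_t)hdr[i] << 8) | hdr[i + 1];
    while (sum >> 16)                     /* fold carries back in */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

static int ip_hdr_ok(const uint8_t *hdr) { return ip_hdr_csum(hdr, hdr[0] & 0x0f) == 0; }

/* Rewrite the protocol byte (offset 9). With fix != 0, refresh the
 * checksum (offsets 10-11) the way the answer does. Returns 1 if the
 * header still verifies afterwards. */
static int mangle_proto(uint8_t *hdr, uint8_t proto, int fix)
{
    hdr[9] = proto;
    if (fix) {
        hdr[10] = hdr[11] = 0;
        uint16_t c = ip_hdr_csum(hdr, hdr[0] & 0x0f);
        hdr[10] = (uint8_t)(c >> 8);
        hdr[11] = (uint8_t)(c & 0xff);
    }
    return ip_hdr_ok(hdr);
}

/* Constructed sample: 20-byte TCP/IPv4 header with a valid checksum. */
static const uint8_t SAMPLE_HDR[20] = {
    0x45, 0x00, 0x00, 0x3c, 0x1c, 0x46, 0x40, 0x00, 0x40, 0x06,
    0xb1, 0xe6, 0xac, 0x10, 0x0a, 0x63, 0xac, 0x10, 0x0a, 0x0c };

int main(void)
{
    uint8_t a[20], b[20];
    memcpy(a, SAMPLE_HDR, 20); memcpy(b, SAMPLE_HDR, 20);
    printf("original ok=%d\n", ip_hdr_ok(SAMPLE_HDR));
    printf("proto 253, stale checksum ok=%d\n", mangle_proto(a, 253, 0));
    printf("proto 253, refreshed ok=%d\n", mangle_proto(b, 253, 1));
    return 0;
}
```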

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow