netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

HELP: Why are redirected packets dropped?

from [Bjorn Hammarberg] [Permanent Link][Original]
To: linux-net@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx
Subject: HELP: Why are redirected packets dropped?
From: Bjorn Hammarberg <Bjorn.Hammarberg@xxxxxxxxxxxx>
Date: Fri, 30 Mar 2001 08:18:33 +0200
Organization: Uppsala University, Sweden
Reply-to: Bjorn.Hammarberg@xxxxxxxxxxxx
Sender: owner-netdev@xxxxxxxxxxx 
Hi!

Could someone please help me out here. I have no clue at all, so it must
be really simple... ;-)

Short version:
What kind of mechanism drops IP packets and what is the difference
between an accepted packet and an unaccepted packet? 

Why does host A forward packets from host B when host A drops packets
from host A that have its source address rewritten to host B (with
recalculated checksum)? In other words: how can host A discriminate
between true host B packets and fake host B (and even fake host C)
packets?

My kernel is 2.2.18 on a 486.


Longer version:
I am trying to implement some kind of rerouter that receives a packet,
changes its source address and sends it out again (after checksumming of
course). The problem is that these packets are silently dropped
somewhere in the forward chain.

Host A initiates a tcp connection and a packet is sent through sl0, gets
its saddr rewritten, checksummed, and resent through sl0 to host A. This
can be seen by either using tcpdump or the firewall logging. 

The firewall then masquerades this packet according to its logging, but
that's it! No trace of it, neither in tcpdump nor the firewall logging.

I have tried both slip links and ethertap links with the same result.

If host B, with host A as its gateway, tries to send packets through the
sl0 interface (no saddr rewriting though) the packets don't get dropped.


In tcpdump and the firewall log I see this

tcpdump: ... sl0 < hostC.1152 internet.telnet ...
... Packet log: input ACCEPT tap0 PROTO=6 hostC:1152 internet:23 ...
... Packet log: forw MASQ ppp0 PROTO=6 hostC:1152 internet:23 ...
# here it ends!!!

tcpdump: ... sl0 < hostB.3917 internet.telnet ...
... Packet log: input ACCEPT tap0 PROTO=6 hostB:3917 internet:23 ...
... Packet log: forw MASQ ppp0 PROTO=6 hostB:3917 internet:23 ...
... Packet log: output ACCEPT ppp0 PROTO=6 hostB:3917 internet:23 ...
tcpdump: ... ppp0 > hostA.61726 internet.telnet ...
# perfect! But why is it different from above???!?

hostA is the gateway
hostB is on the LAN
hostC is the fake host (tried all sorts of addresses both LAN and slip)


Any help is *VERY* welcome!

Cheers,

Bjorn

----------------------------------------------------------------------
Bjorn Hammarberg, PhD student in Neurophysiological Signal Processing

Dep. of Neuroscience     <MEDICINE   ENGINEERING>  Signals and Systems
Clinical Neurophysiology  ¨¨¨¨¨¨¨|+|o|¨¨¨¨¨¨¨¨¨¨    Uppsala University
University Hospital Uppsala      |-+-|                      PO Box 528
SE-751 85 Uppsala, SWEDEN        |o|+|       SE-751 20 Uppsala, SWEDEN
http://www.neurofys.uu.se        `---'         http://www.signal.uu.se
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • HELP: Why are redirected packets dropped?, Bjorn Hammarberg <=
Previous by Date:  help, Dhiman Barman
Next by Date:  Re: Linux Hardware/Software IP Stack Integration for a TOE, Francois Romieu
Previous by Thread:  help, Dhiman Barman
Indexes:  [Date] [Thread] [Top] [All Lists]