I need to develop a special gateway. It shall map external IPs to internal ports
and external ports to internal IPs (kind of NAT, but connections have to be
established from external to internal network and vice versa!), so the
sender and receiver addresses and ports of each packet received have to be
changed. Afterwards these packets shall be resent via one (out of more)
interfaces. Therefore the kernel's IP stuff disturbs me, but because I want to use
TCP/IP at the gateway itself too (the computer runs applications using IP), I
still need it.
Thus the easiest way should be to be the first one dealing with those packets
when they arrive. AFAIK before netfilter gets the packets the kernel's router
already got them...
Hope I made my needs clear?
Thanks for help,
Matthias
-----Original Message-----
From: bert hubert [mailto:ahu@xxxxxxx]
Sent: Monday, 28 February 2005 18:38
To: Weber Matthias
Cc: netdev@xxxxxxxxxxx
Subject: Re: filtering packtes before OS takes care about them
On Mon, Feb 28, 2005 at 05:16:57PM +0100, Weber Matthias wrote:
> i need a possibility to catch IP4 packets (from ethernet devices)
> before OS' netmodules (IP, UDP, TCP, ICMP, ARP, ROUTE, NETFILTER ...)
> takes care about them and
Why? It helps if you tell us what you really want, or is this a research
project?
The earliest place I know of is with tc filter, but that is a netfilter hook.
So part of netfilter will "see" your code.
What you appear to be asking for is a packet filtering network adaptor?
These exist.
> * to modify packet headers and move packets to interface related
>   output buffers
Sure you want an operating system?
Good luck!
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
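
The header rewrite described in this thread (changing the destination address and port of each received packet) also means fixing the IPv4 header checksum and the TCP/UDP checksum, which covers the addresses through the pseudo-header. The following is an added example, not code from either poster: `rewrite_dst` and its parameters are hypothetical names, the new address and port are assumed to come from the gateway's own mapping table, and the sample packet is constructed.

```c
#include <stdint.h>
#include <stddef.h>

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
/* Full Internet checksum (RFC 1071) over an even number of bytes. */
static uint16_t csum_full(const uint8_t *p, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += rd16(p + i);
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Incremental update, RFC 1624 eqn. 3: HC' = ~(~HC + ~m + m'). */
static uint16_t csum_update(uint16_t hc, uint16_t old, uint16_t val) {
    uint32_t sum = (uint32_t)(uint16_t)~hc + (uint16_t)~old + val;
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Rewrite destination address and port of an IPv4 TCP/UDP packet in place.
 * Returns 0 on success, -1 for packets this example does not handle. */
int rewrite_dst(uint8_t *pkt, size_t len, const uint8_t new_ip[4], uint16_t new_port) {
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    size_t ckoff = pkt[9] == 6 ? 16 : pkt[9] == 17 ? 6 : 0;  /* TCP : UDP */
    if (ihl < 20 || ckoff == 0 || len < ihl + ckoff + 2) return -1;
    if (rd16(pkt + 6) & 0x3fff) return -1;  /* fragments are not handled here */
    uint8_t *l4ck = pkt + ihl + ckoff;
    int udp = pkt[9] == 17, has_ck = !(udp && rd16(l4ck) == 0);  /* UDP 0 = no checksum */
    uint8_t *field[3] = { pkt + 16, pkt + 18, pkt + ihl + 2 };
    uint16_t val[3] = { rd16(new_ip), rd16(new_ip + 2), new_port };
    for (int i = 0; i < 3; i++) {  /* address words hit both checksums, the port only L4 */
        if (i < 2) wr16(pkt + 10, csum_update(rd16(pkt + 10), rd16(field[i]), val[i]));
        if (has_ck) wr16(l4ck, csum_update(rd16(l4ck), rd16(field[i]), val[i]));
        wr16(field[i], val[i]);
    }
    if (udp && has_ck && rd16(l4ck) == 0) wr16(l4ck, 0xffff);  /* 0 is reserved in UDP */
    return 0;
}

int main(void) {
    /* Constructed sample: UDP 192.0.2.1:12345 -> 198.51.100.7:8080, no payload. */
    uint8_t pkt[28] = { 0x45,0,0,28, 0,0,0,0, 64,17,0,0, 192,0,2,1, 198,51,100,7,
                        0x30,0x39, 0x1f,0x90, 0,8, 0,0 };
    const uint8_t inside[4] = { 10, 0, 0, 5 };
    wr16(pkt + 10, csum_full(pkt, 20));
    return rewrite_dst(pkt, sizeof pkt, inside, 22) || csum_full(pkt, 20) != 0;
}
```

Rewriting the source address and port works the same way with the field offsets changed (bytes 12 and 14 of the IP header, byte 0 of the TCP/UDP header).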