Hello,
I'm currently using the raw packet socket interface (i.e. PF_PACKET,
SOCK_RAW) to feed a user space application with network packets. The
purpose is porting of a (given) bunch of code implementing a bunch of
(partially nonstandard) low-level protocols. The code comes from
dedicated hardware where it had to do everything (read: a whole TCP/IP
stack plus some more) by itself in fairly little memory, so that it
doesn't have a nice separation of OSI layers.
The problem is, I want the kernel networking stack to see those packets
that I can't handle in the application (so that http, ssh, telnet etc.
continue to work), but not those I can handle myself.
It seems like every packet that gets captured in the packet socket also
goes into the kernel stack. Good for tcpdump and other
monitoring/debugging apps, not so good if you actually want to do work
on the packets in user space.
So, is it possible to
1.) Capture all packets through the packet socket
2.) Forward only those to the kernel networking stack that I deem
worthy of forwarding.
Of course I can filter packets with iptables, but the point is that the
application should be able to forward or not forward packets to the
kernel stack, with the decision made on-the-fly.
--
Linards Ticmanis
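The packet-socket tap described in the post, as an added example that is not the poster's code: it opens a PF_PACKET/SOCK_RAW socket bound to one interface, attaches a classic BPF filter so that only IPv4 and one custom EtherType are copied to user space, and classifies each frame into "handle in the application" or "leave to the kernel stack". The interface name (`eth0`), the custom EtherType (`0x88B5`), the UDP port (`5000`) and the function and enum names are all assumptions made for the example. Note what it does and does not do: the BPF filter limits which frames this socket receives a copy of, but, exactly as the post observes, the kernel's own stack still processes every frame; the verdict only steers the user-space side.

```c
// Added example (not from the original post): a PF_PACKET/SOCK_RAW tap with a
// cBPF filter and a user-space classifier. Frames seen here are copies; the
// kernel stack still handles them independently.
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <linux/filter.h>
#include <linux/if_ether.h>
#include <linux/if_packet.h>
#include <net/if.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define APP_ETHERTYPE 0x88B5   /* assumption: the application's own protocol */
#define APP_UDP_PORT  5000     /* assumption: UDP port the application owns */

/* Verdict the application assigns to a frame (hypothetical names). */
enum verdict { KEEP_FOR_APP, LEAVE_TO_KERNEL, DROP_MALFORMED };

/* Classify a raw Ethernet frame: our EtherType or UDP to our port is kept,
 * anything else is left to the kernel, truncated headers are flagged. */
enum verdict classify_frame(const uint8_t *frame, size_t len)
{
    if (len < ETH_HLEN) return DROP_MALFORMED;
    uint16_t ethertype = (uint16_t)((frame[12] << 8) | frame[13]);
    if (ethertype == APP_ETHERTYPE) return KEEP_FOR_APP;
    if (ethertype != ETH_P_IP) return LEAVE_TO_KERNEL;
    if (len < ETH_HLEN + 20) return DROP_MALFORMED;
    const uint8_t *ip = frame + ETH_HLEN;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;           /* header length in bytes */
    if (ihl < 20 || len < ETH_HLEN + ihl) return DROP_MALFORMED;
    if (ip[9] != 17) return LEAVE_TO_KERNEL;            /* not UDP */
    if (len < ETH_HLEN + ihl + 8) return DROP_MALFORMED; /* no full UDP header */
    const uint8_t *udp = ip + ihl;
    uint16_t dport = (uint16_t)((udp[2] << 8) | udp[3]);
    return dport == APP_UDP_PORT ? KEEP_FOR_APP : LEAVE_TO_KERNEL;
}

/* Constructed sample frame (Ethernet + minimal IPv4 + UDP/TCP header, no
 * payload) used for the demo below; returns the frame length. */
size_t build_frame(uint8_t *buf, uint16_t ethertype, uint8_t proto, uint16_t dport)
{
    memset(buf, 0, 42);
    buf[12] = (uint8_t)(ethertype >> 8); buf[13] = (uint8_t)(ethertype & 0xFF);
    if (ethertype != ETH_P_IP) return ETH_HLEN;          /* non-IP: header only */
    uint8_t *ip = buf + ETH_HLEN;
    ip[0] = 0x45;                 /* IPv4, IHL = 5 words */
    ip[2] = 0; ip[3] = 28;        /* total length 20 + 8 */
    ip[9] = proto;
    uint8_t *l4 = ip + 20;
    l4[2] = (uint8_t)(dport >> 8); l4[3] = (uint8_t)(dport & 0xFF);
    return 42;
}

/* Open a PF_PACKET socket bound to ifname and attach a cBPF program that
 * passes only IPv4 and APP_ETHERTYPE to this socket. Needs CAP_NET_RAW.
 * Returns the fd or -1. */
int open_tap(const char *ifname)
{
    int fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (fd < 0) return -1;
    struct sockaddr_ll sll;
    memset(&sll, 0, sizeof sll);
    sll.sll_family = AF_PACKET;
    sll.sll_protocol = htons(ETH_P_ALL);
    sll.sll_ifindex = (int)if_nametoindex(ifname);
    if (sll.sll_ifindex == 0 || bind(fd, (struct sockaddr *)&sll, sizeof sll) < 0) {
        close(fd); return -1;
    }
    /* ldh [12]; jeq ETH_P_IP -> accept; jeq APP_ETHERTYPE -> accept; ret 0 */
    struct sock_filter code[] = {
        BPF_STMT(BPF_LD | BPF_H | BPF_ABS, 12),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, ETH_P_IP, 1, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, APP_ETHERTYPE, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, 0xFFFFFFFF),   /* accept whole frame */
        BPF_STMT(BPF_RET | BPF_K, 0),            /* drop from this socket only */
    };
    struct sock_fprog prog = { .len = 5, .filter = code };
    if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, &prog, sizeof prog) < 0) {
        close(fd); return -1;
    }
    return fd;
}

static uint8_t g_buf[65536];

int main(int argc, char **argv)
{
    const char *ifname = argc > 1 ? argv[1] : "eth0";   /* placeholder interface */
    int fd = open_tap(ifname);
    if (fd < 0) { perror("open_tap (needs CAP_NET_RAW)"); return 1; }
    for (;;) {
        ssize_t n = recv(fd, g_buf, sizeof g_buf, 0);
        if (n < 0) { perror("recv"); break; }
        enum verdict v = classify_frame(g_buf, (size_t)n);
        printf("%zd bytes: %s\n", n, v == KEEP_FOR_APP ? "handled here" :
               v == LEAVE_TO_KERNEL ? "left to kernel" : "malformed");
    }
    close(fd);
    return 0;
}
```

Build with `gcc -Wall tap.c -o tap` and run it with CAP_NET_RAW (for example as root) giving the interface as the first argument. The cBPF program is the cheap part of the decision: it keeps frames the application never handles from being copied to user space at all, while the per-frame verdict in `classify_frame` is the on-the-fly decision the post asks about. Neither of them removes a frame from the kernel's receive path.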