understanding TCP-IP interface in linux kernel

Hi all,
I am planning to write a kernel module which will sit below tcp and
intercept every incoming and outgoing packet(shud i say segment ?? ).
In order to do that i was taking a look at net/ipv4/tcp* files but the
code does hell lot of things and makes it hard for me to find my way
through it.
C
an somebody point me to correct place from where i should start ??
I havent learnt yet about tcp implementation in linux kernel. by TCP-IP
i mean those 2 protocols and not the complete suite.
Is thr good online documentation explaining this implementation.??

Also what am curios about is :
TCP-IP interface .. so how does TCP layer sends "segment" to IP and
receives sengment from IP. ??

Any help in this regard will be greatly appreciated ...

Regards,
TellMeMore

will_u_tellmemore napsal:
> Hi all,
> I am planning to write a kernel module which will sit below tcp and
> intercept every incoming and outgoing packet(shud i say segment ?? ).

Maybe you want to write a filter?

> In order to do that i was taking a look at net/ipv4/tcp* files but the
> code does hell lot of things and makes it hard for me to find my way
> through it.
> C
> an somebody point me to correct place from where i should start ??

http://linux-net.osdl.org/ definitely

--
js

will_u_tellmemore wrote:
> Hi all,
> I am planning to write a kernel module which will sit below tcp and
> intercept every incoming and outgoing packet(shud i say segment ?? ).
> In order to do that i was taking a look at net/ipv4/tcp* files but the
> code does hell lot of things and makes it hard for me to find my way
> through it.
> C
> an somebody point me to correct place from where i should start ??
> I havent learnt yet about tcp implementation in linux kernel. by TCP-IP
> i mean those 2 protocols and not the complete suite.
> Is thr good online documentation explaining this implementation.??
>
> Also what am curios about is :
> TCP-IP interface .. so how does TCP layer sends "segment" to IP and
> receives sengment from IP. ??
>
> Any help in this regard will be greatly appreciated ...


The module you're intending to write may be already written.

Would you please tell what you're going to do with the intercepted
packets (if it's IP it's a packet, if it's TCP it's a segment).

The iptables module collection is pretty good in intercepting
and mangling the packets. If you nee link-level handling
(e.g. Ethernet), ebtables is the thing.

--

Tauno Voipio
tauno voipio (at) iki fi

Hey,

See the following code present in file linux/net/ipv4/protcol.c

static struct inet_protocol tcp_protocol = {
handler: tcp_v4_rcv,
err_handler: tcp_v4_err,
next: IPPROTO_PREVIOUS,
protocol: IPPROTO_TCP,
name: "TCP"
};

You can see tcp_v4_rcv is the receive function of TCP.
inet_protos[] is a hash list of upper protocol handlers for IP layer.
You can register your own handler using inet_add_protocol function. It
appears that the last registered handler will get called first as the
implementation is attaching the node at head of the hash list.
Your function should return zero if it wants to own the packet.

It that method doesn't work, go through the hash list and find the TCP
handler and replace the function pointer with yours.

Where do you want to capture outgoing packets. Before or after TCP
processing?

<><><><><><><><><><><><>
Neo
Techpulp Technologies
Hyderabad
website: www.techpulp.com
<><><><><><><><><><><><>


On Oct 27, 9:42 pm, Tauno Voipio <tauno.voi...@INVALIDiki.fi> wrote:
> will_u_tellmemore wrote:
> > Hi all,
> > I am planning to write a kernel module which will sit below tcp and
> > intercept every incoming and outgoing packet(shud i say segment ?? ).
> > In order to do that i was taking a look at net/ipv4/tcp* files but the
> > code does hell lot of things and makes it hard for me to find my way
> > through it.
> > C
> > an somebody point me to correct place from where i should start ??
> > I havent learnt yet about tcp implementation in linux kernel. by TCP-IP
> > i mean those 2 protocols and not the complete suite.
> > Is thr good online documentation explaining this implementation.??
>
> > Also what am curios about is :
> > TCP-IP interface .. so how does TCP layer sends "segment" to IP and
> > receives sengment from IP. ??
>
> > Any help in this regard will be greatly appreciated ...The module you're intending to write may be already written.
>
> Would you please tell what you're going to do with the intercepted
> packets (if it's IP it's a packet, if it's TCP it's a segment).
>
> The iptables module collection is pretty good in intercepting
> and mangling the packets. If you nee link-level handling
> (e.g. Ethernet), ebtables is the thing.
>
> --
>
> Tauno Voipio
> tauno voipio (at) iki fi

Hi all,
Thanks for the links which you have sent .I am going through those .

>Where do you want to capture outgoing packets. Before or after TCP
> processing?

I want to get incoming packet before TCP and outgoing packet after TCP.
So meaning there by , i would like to have module sitting between TCP
and IP . Correct me if i am wrong ...

I have also come across netfilter framework in linux kernel using which
we can provide hooking functions and intercept packets. Though am not
sure ,does this intercept packet before going to "IP" layer ?? If yes,
is this one which i can use ??

Would you please tell what you're going to do with the intercepted
packets (if it's IP it's a packet, if it's TCP it's a segment).

I am trying to write this module which will implement Fault tolrent TCP
:
Ref : http://citeseer.ist.psu.edu/alvisi00wrapping.html

So does netfilter is right choice to go about it ??

Thanking all in advance ....

Regards,
TellMeMore