* NF_DROP/NF_STOLEN -- TCP retransmit issue.
@ 2009-09-06 19:20 rohin kumar
0 siblings, 0 replies; only message in thread
From: rohin kumar @ 2009-09-06 19:20 UTC (permalink / raw)
To: netfilter
Hello,
In my netfilter hook, I am creating a new broadcast packet and
dropping the actual unicast packet. I have tried NF_DROP and NF_STOLEN
to drop unicast packet. But Both times I can see the original packet
in wire shark along with the new broadcast packet. There are no TCP
dup acks from the receiver side before unicast packet is sent. Does
netfilter frame work informs TCP about the packet drop and because of
that TCP is sending the packet again ? Or else the original packet
itself is not dropped.
Following is the code line where I defined nf_hook_ops.
static struct nf_hook_ops trm_ops = {(struct list_head) {NULL, NULL},
(nf_hookfn *)trm_hook, (struct module*)THIS_MODULE, (uint8_t) PF_INET,
(unsigned int)NF_IP_POST_ROUTING, (int)NF_IP_PRI_LAST };
When I receive packet in my hook, the packet has TCP and IP headers.
Any help greatly appreciated.
Thanks
Rohin Sudini
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2009-09-06 19:20 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-09-06 19:20 NF_DROP/NF_STOLEN -- TCP retransmit issue rohin kumar
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.