I'm looking for a function similar to skb_checksum(), but
for the tcphdr->check field. I'm playing around with a module
I've written for netfilter and I would like to modify options of
the IP and TCP headers. For example, right now I'm trying
to set the destination IP to the source IP, but the TCP checksum
is coming out incorrectly. How can I calculate this checksum?
Thanks a lot in advance. Also, if anyone knows where some
documentation about the TCP/IP stack in the kernel are, please
let me know.
Jeff Shipman - CCD
Sandia National Laboratories
(505) 844-1158 / MS-1372
Dans un message du 13 jun ? 9:10, Shipman, Jeffrey E ?crivait :
>
> I'm looking for a function similar to skb_checksum(), but
> for the tcphdr->check field. I'm playing around with a module
> I've written for netfilter and I would like to modify options of
> the IP and TCP headers. For example, right now I'm trying
> to set the destination IP to the source IP, but the TCP checksum
> is coming out incorrectly. How can I calculate this checksum?
There is a netfilter function for that. Look at
ip_nat_core.c:ip_nat_cheat_check.
--
Guillaume Morin <[email protected]>
5 years from now everyone will be running free GNU on their
200 MIPS, 64M SPARCstation-5 (Andy Tanenbaum, 30 Jan 1992)
Shipman, Jeffrey E wrote:
> I'm looking for a function similar to skb_checksum(), but
> for the tcphdr->check field. I'm playing around with a module
> I've written for netfilter and I would like to modify options of
> the IP and TCP headers. For example, right now I'm trying
> to set the destination IP to the source IP
I think there already is a module to do this?
Paull Russel (did I get the l's right :-)) mentioned
it at a talk in Ireland a couple of months ago.
There were fun and games when 2 machines with this
module we put back to back and it was noticed that the
ttl wasn't decremented :-P
Padraig.
Thanks John, that function works great. However, I'm still having problems
where I'm not getting any responses from the destination. I've been setting
the destination address to the source address (this is just to play around
and learn things), and it's not working properly. If I connect straight to
the address (192.168.1.20), it works great. However, if I connect to
192.168.1.1, it looks like in the packet it's using 192.168.1.20, but all
I get no SYN/ACK back...my machine just keeps on sending out SYNs. Does
anyone know of things I need to also check in order to make sure this will
work. When I finish my module, it will be modifying all sorts of fields
inside of the TCP packet and I'd like to be sure that I can get responses
from remote machines.
Thanks.
Jeff Shipman - CCD
Sandia National Laboratories
(505) 844-1158 / MS-1372
-----Original Message-----
From: John McBride [mailto:[email protected]]
Sent: Thursday, June 13, 2002 11:19 AM
To: Shipman, Jeffrey E
Subject: RE: TCP checksum?
Jeffrey,
find snippet I used to update checksum in my netfilter module -
partly nicked from nat core code
/***************************************************************************
*/
static void update_checksum(struct sk_buff *skb)
{
struct tcphdr *th;
struct iphdr * iph;
int len;
iph = skb->nh.iph;
th = (struct tcphdr *)((u_int32_t *)iph + iph->ihl);
len = skb->len;
/* IP checksum */
iph->check = 0;
iph->check = ip_fast_csum((u8 *)iph, iph->ihl);
if (iph->protocol != IPPROTO_TCP)
return;
th->check = 0;
th->check = tcp_v4_check(th,
len - 4*iph->ihl,
iph->saddr, iph->daddr,
csum_partial((char *)th, len-4*iph->ihl,
0));
}
/***************************************************************************
*/
-----Original Message-----
From: Shipman, Jeffrey E [mailto:[email protected]]
Sent: Thursday, June 13, 2002 4:11 PM
To: '[email protected]'
Subject: TCP checksum?
I'm looking for a function similar to skb_checksum(), but
for the tcphdr->check field. I'm playing around with a module
I've written for netfilter and I would like to modify options of
the IP and TCP headers. For example, right now I'm trying
to set the destination IP to the source IP, but the TCP checksum
is coming out incorrectly. How can I calculate this checksum?
Thanks a lot in advance. Also, if anyone knows where some
documentation about the TCP/IP stack in the kernel are, please
let me know.
Jeff Shipman - CCD
Sandia National Laboratories
(505) 844-1158 / MS-1372
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Accelerated Encryption Processing Ltd.
Bray Business Park,
Southern Cross Route ,
Bray, Co Wicklow,
Ireland
********************************************************************
This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity to
whom they are addressed. If you have received this email
in error please notify the postmaster at the address below.
[email protected]
This footnote also confirms that this email message has been
checked the presence of computer viruses.
**********************************************************************
Hello Jeffrey,
On Thursday 13 June 2002 23:10, Shipman, Jeffrey E wrote:
> I'm looking for a function similar to skb_checksum(), but
> for the tcphdr->check field. I'm playing around with a module
> I've written for netfilter and I would like to modify options of
> the IP and TCP headers. For example, right now I'm trying
> to set the destination IP to the source IP, but the TCP checksum
> is coming out incorrectly. How can I calculate this checksum?
> [...]
This functionallity is already provided by the ipt_MIRROR target.
If you want more info on netfilter module writting, read Rusty's
Netfilter Hacking HOWTO at :
http://www.netfilter.org/documentation/index.html#HOWTO
and if needed, post netfilter development questions on the
netfilter-devel mailing list, for more info :
http://www.netfilter.org/contact.html#devlist
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown