[Bridge] Modifying All Packets passing through the bridge!

Fahim Akhter akhter.fahim at hotmail.com
Mon Nov 10 21:19:53 PST 2008


But like any ideas on why do I always see only ARP packets, not all packets? And do netfilters allow you to actually modify the incoming packet? And do all packets (not only ARP packets) pass through netfilters?

> Date: Mon, 10 Nov 2008 08:35:01 -0800
> From: shemminger at vyatta.com
> To: akhter.fahim at hotmail.com
> CC: srinivas.aji at gmail.com; bridge at lists.linux-foundation.org
> Subject: Re: [Bridge] Modifying All Packets passing through the bridge!
>
> On Mon, 10 Nov 2008 17:02:34 +0500
> Fahim Akhter <akhter.fahim at hotmail.com> wrote:
>
> > Thanks a lot for the quick replies.
> >
> > I tried doing it with Bridging Hooks. Rather in the Bridge. I wrote a script which was used to modify the packets if not already modified which was placed in /net/bridge/br_forward.c br_forward() and the packets were listened and encrypted in /net/bridge/br_forward.c should_deliver(). The encryption keys and status were travelling fine. But upon analyzing the packet on the receiving end using a Windows-based packet analyzer, I got to know that only ARP broadcast packets were being modified.
> >
> > I found an old code which used kernel 2.4 used for encryption. The encryption was done in /net/bridge/br_input.c br_handle_frame(). I did all the usual stuff there but still no effect, it's still only modifying the ARP packets.
> >
> > The ethernets are running in promiscuous mode, the settings are default and the bridge works fine. Except for the fact it doesn't encrypt.
> >
> > It's taken me a while to get to this point. This being my first linux project. Hope I get a solution which takes me forward from this instead of starting from the start...
> Date: Mon, 10 Nov 2008 15:58:05 +0530
> From: srinivas.aji at gmail.com
> To: akhter.fahim at hotmail.com
> Subject: Re: [Bridge] Modifying All Packets passing through the bridge!
> CC: bridge at lists.linux-foundation.org
>
> On Mon, Nov 10, 2008 at 11:57 AM, Fahim Akhter <akhter.fahim at hotmail.com> wrote:
> > The Link
> > https://lists.linux-foundation.org/pipermail/bridge/2008-October/006074.html
> > , is about capturing packets and sending to user space. Speed is important
> > in my current scenario. Is there any way I can do everything in kernel
> > specially by hacking or tweaking the already kernel space. Instead of socket
> > programming and capturing packets at ethernet?
>
> That message also talks about the case where userspace will not give
> you enough performance. The thing to do then would be to write a
> network driver which sits on top of a real network device and
> processes the packets before passing it on in either direction. Look
> for the vlan and bonding drivers for examples. Or maybe you could use
> the netfilter hooks in bridging, if your use of this encrypted link is
> restricted to being between bridges.
>
> Use ebtables, and write a netfilter module to do what you want.
> There is no reason to mess with the bridging infrastructure to do this.
>
> Netfilter is the way to do all the kinds of analysis, filtering, and packet
> mangling you might want.