dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Linux Magazine: GearHeads Only: Writing a Module for netfilter

Sep 17, 2000, 13:10 (0 Talkback[s])
(Other stories by Paul "Rusty" Russell)

WEBINAR:
On-Demand

Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers


"With Linux 2.4 right around the corner, now would be a very good time to discuss the new packet observation and filtering mechanism that were introduced during the 2.3 kernel development, which is called netfilter...."

"netfilter is a framework inside the kernel that allows a module to observe and modify packets as they pass through the IP stack. Well, since I wrote that article in January, netfilter hooks have been added to the IPv6 (the next-generation of IP) and DECnet (a more obscure protocol) layers that are similar to those described here for IPv4."

"Inside the kernel you will see calls such as the following throughout the protocol code (this is from ip_local_ deliver() in net/ipv4/ip_input.c):

return NF_HOOK(PF_INET, NF_IP_LOCAL_IN,
               skb, skb->dev, NULL,
               ip_local_deliver_finish);
          

Complete Story

Related Stories: