---

Home Developer

Linux Magazine: GearHeads Only: Writing a Module for netfilter

By Paul "Rusty" Russell

“With Linux 2.4 right around the corner, now would be a very
good time to discuss the new packet observation and filtering
mechanism that were introduced during the 2.3 kernel development,
which is called netfilter….”

“netfilter is a framework inside the kernel that allows a module
to observe and modify packets as they pass through the IP stack.
Well, since I wrote that article in January, netfilter hooks have
been added to the IPv6 (the next-generation of IP) and DECnet (a
more obscure protocol) layers that are similar to those described
here for IPv4.”

“Inside the kernel you will see calls such as the following
throughout the protocol code (this is from ip_local_
deliver() in net/ipv4/ip_input.c):

return NF_HOOK(PF_INET, NF_IP_LOCAL_IN,
               skb, skb->dev, NULL,
               ip_local_deliver_finish);

Complete
Story

Complete Story
Previous article
Next article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.