Reputation: 871
We are using dev_add_pack with ETH_P_ALL to get copies of the sk_buff of all Ethernet frames received by eth1. Is there a way we can prevent eth1 from forwarding all the Ethernet frames up to the TCP/IP layer while still letting it capture all the frames and pass them on to our loadable kernel module?
Upvotes: 2
Views: 307
Reputation: 7897
Your best bet is to create a netfilter hook. Rather than dev_add_pack, which gets a copy of the sk_buff (thereby allowing the original sk_buff to propagate up to the TCP/IP stack), a netfilter hook will give you the pointer to the original sk_buff as it traverses the stack, and your code actually executes as a callback from the stack itself - so you can choose to block the packet, claim ownership in your module, or do pretty much anything on your mind.
Upvotes: 2
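A sketch of the hook the answer describes, added here as an example and not code from either poster: it drops IPv4 packets that arrive on eth1 at NF_INET_PRE_ROUTING, while the ETH_P_ALL tap from the question can stay registered for capture. The function names are hypothetical, a recent kernel with `nf_register_net_hook` is assumed, only IPv4 is covered (ARP and IPv6 need hooks in their own families), and the non-kernel branch exists only so the verdict logic can be compiled in userspace.

```c
#ifdef __KERNEL__
#include <linux/module.h>
#include <linux/netdevice.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/string.h>
#else                           /* userspace build: verdict logic only */
#include <string.h>
#define NF_DROP   0             /* same values as uapi linux/netfilter.h */
#define NF_ACCEPT 1
#endif

#define CAPTURE_IFNAME "eth1"   /* interface named in the question */

/* Verdict for a packet that arrived on interface in_name (NULL if none). */
static unsigned int verdict_for_dev(const char *in_name)
{
	if (in_name && strcmp(in_name, CAPTURE_IFNAME) == 0)
		return NF_DROP;     /* skb is freed; ip_rcv_finish never runs */
	return NF_ACCEPT;           /* traffic on other interfaces is untouched */
}

#ifdef __KERNEL__
/* Called by the IPv4 stack with the original skb, before routing. */
static unsigned int eth1_block_hook(void *priv, struct sk_buff *skb,
				    const struct nf_hook_state *state)
{
	return verdict_for_dev(state->in ? state->in->name : NULL);
}

static struct nf_hook_ops eth1_block_ops = {
	.hook     = eth1_block_hook,
	.pf       = NFPROTO_IPV4,
	.hooknum  = NF_INET_PRE_ROUTING,
	.priority = NF_IP_PRI_FIRST,    /* run ahead of other IPv4 hooks */
};

static int __init eth1_block_init(void)
{
	return nf_register_net_hook(&init_net, &eth1_block_ops);
}

static void __exit eth1_block_exit(void)
{
	nf_unregister_net_hook(&init_net, &eth1_block_ops);
}

module_init(eth1_block_init);
module_exit(eth1_block_exit);
MODULE_LICENSE("GPL");
#endif
```

To take ownership of the packet in the module instead of discarding it, the hook would return NF_STOLEN and become responsible for freeing the skb.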