Reputation: 13
I have an application bound to eth0, sending UDP packets on port A to 255.255.255.255. At the same time, I have a UDP server bound to eth0, 0.0.0.0 and port A.
What I want to do is to make sure that the server won't receive messages generated by the application (handled purely in software by the kernel) but it will receive messages generated by other hosts in the network.
I can't change the payload of UDP packets nor add any headers to it.
I've already implemented a solution using RTNETLINK to fetch all IP addresses of the machine I'm sitting on (and filter based on the address from recvfrom()), but I'm wondering if there might be a simpler and cleaner solution.
EDIT: I thought about something like tagging the skb - the tag would disappear after leaving a physical interface, but wouldn't if it's just routed in the software.
Any ideas?
Upvotes: 1
Views: 1442
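The source-address filter described in the question, as an added example that is not part of the original post: it collects the host's IPv4 addresses with getifaddrs() instead of RTNETLINK and compares the source filled in by recvfrom() against them. The names local_addrs, load_local_ipv4 and is_self_echo are hypothetical, and the address in main() is a constructed sample.

```c
#include <arpa/inet.h>
#include <ifaddrs.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>

#define MAX_LOCAL 64

/* Hypothetical helper type: IPv4 addresses owned by this host (network byte order). */
struct local_addrs { in_addr_t addr[MAX_LOCAL]; size_t count; };

/* Fill the set from getifaddrs(); returns the number stored, or -1 on error. */
int load_local_ipv4(struct local_addrs *set)
{
    struct ifaddrs *list, *ifa;

    set->count = 0;
    if (getifaddrs(&list) != 0)
        return -1;
    for (ifa = list; ifa != NULL && set->count < MAX_LOCAL; ifa = ifa->ifa_next) {
        /* ifa_addr can be NULL for interfaces without an address. */
        if (ifa->ifa_addr == NULL || ifa->ifa_addr->sa_family != AF_INET)
            continue;
        set->addr[set->count++] =
            ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr.s_addr;
    }
    freeifaddrs(list);
    return (int)set->count;
}

/* Return 1 if the source address from recvfrom() is one of our own addresses. */
int is_self_echo(const struct local_addrs *set, const struct sockaddr_in *src)
{
    if (src->sin_family != AF_INET)
        return 0;
    for (size_t i = 0; i < set->count; i++)
        if (set->addr[i] == src->sin_addr.s_addr)
            return 1;
    return 0;
}

int main(void)
{
    struct local_addrs set;
    struct sockaddr_in src = { .sin_family = AF_INET }; /* constructed sample source */

    inet_pton(AF_INET, "127.0.0.1", &src.sin_addr);
    if (load_local_ipv4(&set) < 0)
        return 1;
    printf("%zu local IPv4 addresses; 127.0.0.1 self-echo: %d\n",
           set.count, is_self_echo(&set, &src));
    return 0;
}
```

In the receive loop, skip a datagram when is_self_echo() returns 1, and reload the set when interface addresses change. UDP source addresses are not authenticated, so this is an echo filter and not a trust decision about the sender.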
Reputation: 2576
If you can patch your Linux kernel, you could use a setsockopt() option for choosing if you want to loopback the broadcast packets you're sending or not.
This patch reuses the IP_MULTICAST_LOOP option exactly for this purpose.
Also, instead of "messing" with the IP_MULTICAST_LOOP option, you could easily add your own setsockopt() option, maybe called IP_BROADCAST_NO_LOOP. This would guarantee that you're not changing the behavior for any other application.
Upvotes: 1
Reputation: 84151
You can do this at the firewall level by dropping packets to broadcast address port A with source address of the eth0.
Upvotes: 0
Reputation: 96716
You can compute a checksum or CRC (better) over the payload and filter against this.
Upvotes: 0