Solved

help to separate implemenation of IP and LINK layers in ip_output.c

Posted on 2004-08-18
6
319 Views
Last Modified: 2010-04-21
Hi,
            I want to split ip_output.c file into 2 files for kernel 2.4.24 in ipv4 directory. the purpose for doing this is to separate the IP layer and Ethernet Layer. In ip_output.c both layers are implemented in that single file. what changes i required to that?
              Help to split that file.
0
Comment
Question by:b123coder
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 8

Expert Comment

by:da99rmd
ID: 11829560
Hi b123coder,
Dont understand the problem with the separation.
/Rob
0
 
LVL 3

Expert Comment

by:scn
ID: 11830633
What do you mean by ip_output.c implements both IP and Ethernet layer?

After the IP_POST_ROUTING netfilter hook, the only function called is ip_finish_output2() which:
- if the network driver associated to the routing table entry implements a dev->hard_header function and if the network interface has the flag ARP up, the function tries to resolve the IP address and prepends the hardware header to the skbuff,
- calls dev_queue_xmit()

Perhaps, you could explain for which purpose you need this split?
0
 

Author Comment

by:b123coder
ID: 11838426
Hi scn and da99rmd,
          By IP layer I mean IP header is added by ip_queue_xmit() for TCP packets and  ip_build_xmit(),ip_build_xmit_slow() for ICMP,IP,UDP packets. then as you told After the IP_POST_ROUTING netfilter hook, the only function called is ip_finish_output2() which is used for addindg HW header to send that packet on network.
        If this is correct then Can I say ip_output.c file implements both IP and Ethernet Layer?
         The purpose is that i want to add a new protocol handler instead of ip_rcv handler by inserting a new functionality to IP Layer.
0
What is a Denial of Service (DoS)?

A DoS is a malicious attempt to prevent the normal operation of a computer system. You may frequently see the terms 'DDoS' (Distributed Denial of Service) and 'DoS' used interchangeably, but there are some subtle differences.

 
LVL 3

Expert Comment

by:scn
ID: 11838876
The usual way to add a new functionality to the IP layer is to register the new kernel module near one or several netfilter hooks of the IP layer. For instance, if this module registers a function near the IP_PRE_ROUTING hook, it will be called from the ip_rcv function for each IP packet and will be able to consult, modify, steal or discard each packet.
The netfilter framework is flexible and has a lot of chances to respond to your needs.
Modifying directly the kernel sources (e.g. ip_output.c) is not recommended as your functionality would be hardly portable to different kernel versions.
0
 

Author Comment

by:b123coder
ID: 11839609
Hi scn,
          Let me tell you my full implementation requirement. I want to add 8 byte header in between IP layer and Ethernet Layer for that i want to separate the file and make ip_output.c for IP layer and My_output.c for My own header and Ethernet header and add new protocol handler. so what i want to know is that That is require me to modify kernel source or write a kernel module ?
       Does this thing require me to use netfilter files or  NF_HOOKS ?
0
 
LVL 3

Accepted Solution

by:
scn earned 50 total points
ID: 11840983
I think you can't implement such a functionality at IP layer because it can manipulate only IP packets, i.e. skbuffs beginning with an IP header, which is not respected if you add a private header before it.
My suggestion would be to implement it inside a virtual network interface. You may have a look at Alessandro Rubini's article available at http://www.linux-mag.com/2000-04/gear_01.html.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question