Re: dlil_inject_if_input
Re: dlil_inject_if_input
- Subject: Re: dlil_inject_if_input
- From: Justin Walker <email@hidden>
- Date: Fri, 17 Sep 2004 14:53:16 -0700
On Sep 17, 2004, at 13:32, Matthew Jaffa wrote:
I have interecepted an outgoing HTTP request using a dlil interface
filter. I return EJUSTRETURN in the dlil_if_output function to let it
know to not let this packet go out, but to still think it sent it out.
The connection has been successfully set up with a SYN/SYN-ACK/ACK
exchange, correct?
Now the problem is, is inserting my own HTTP/1.1 response into the
input stream of the machine that made the request.
[snip]
I am doing the checksumming correct now for the ipheader and tcpheader,
If you literally mean you checksummed the tcpheader, then you have a
problem: the TCP checksum covers all the TCP data.
but still no results. When I call dlil_inject_if_input am I supposed
to have a ethernet header on the mbuf I am injecting??? That might be
the problem, but don't know.
One way to determine what the IP stack is seeing is to review the IP
statistics before and after trying out a connection that should be
blocked (see, e.g., the lines "discarded for bad checksums", "bad
header checksums"; there are other counters that might shed light as
well. This is seen with "netstat -s").
It will help if your test network is lightly loaded so you can more
easily isolate the counters that are changing due to problems in your
implementation.
Also, check to see whether you see any RST packets being generated or
received by your stack (apropos of Josh's comments).
Cheers,
Justin
--
Justin C. Walker, Curmudgeon-At-Large *
Institute for General Semantics | It's not whether you win or
lose...
| It's whether *I* win or lose.
*--------------------------------------*-------------------------------*
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden