Re: dlil_inject_if_input
Re: dlil_inject_if_input
- Subject: Re: dlil_inject_if_input
- From: Justin Walker <email@hidden>
- Date: Fri, 17 Sep 2004 19:41:09 -0700
On Sep 17, 2004, at 18:40, Matt Jaffa wrote:
Hi,
It seems that when I do netstat -s, I am noticing that when I
try to go to a blocked site and it trys to inject my packet it
increments the
bad version number in the ip section.
Ha! Nothing like good stats to point the way.
But I am properly putting in the right version number in my tcp
header.
As Sherlock might say, "When you have eliminated the impossible, what
remains is ...". I have to believe that you are not formatting your
injected packet correctly. Perhaps if you logged the hex values of the
IP header before injecting it, you could verify what is happening...
Could having a bad version number for the ip header cause it to be
discarded, and why is it not accepting the value,
The point of the version number is to accomodate multiple versions of
the IP header. If the system (stack) doesn't recognize the version, it
can't decode the header, so it dumps it.
One way I could see this happening is if it is incorrectly matching up
the right bytes to my header.
I think you should consider this as "you are incorrectly formatting the
appropriate bytes of the header". I believe that you are better served
by assuming that, when plugging your new code into code that has been
working without a problem for a long time, the likelihood is that your
code is in error. It's possible that there is a bug in the system, but
that's not the way to bet.
Cheers,
Justin
--
Justin C. Walker, Curmudgeon-At-Large *
Institute for General Semantics | If you're not confused,
| You're not paying attention
*--------------------------------------*-------------------------------*
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden