Hi Pravin and Rajat, I have already registered a netfilter hook function which accepts/drop TCP packets and call it in init_module. My query here is how do I test the packets are captured or dropped.
If it's a hook like NF_IP_LOCAL_PROCESS, then it means it is destined for this host, so to test this do I need to write a test socket client-server program at user-level. Please reply. Regards, Rajendra Stalekar(extn 2016) Location:- Akruti Mobile no:- +91 9860501143 _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pravin Sent: Wednesday, July 11, 2007 10:23 AM To: Rajat Jain Cc: [email protected] Subject: Re: Help in adding userspace function hooks to kernel On 7/9/07, Rajat Jain <[EMAIL PROTECTED]> wrote: Hi Pravin, > ... > I need to provide a hook from kernel-space to userspace. > ... > ... > I am also looking for possibility for pausing the execution > kernel thread till userspace function acknowlages the data > and take certain action on it. > ... This is not possible. And well, as others may advice, not at all logical. If you really need access to kernel data-structures and you feel your code needs to be called in middle of some kernel code path, a better decision might be to include your code in the kernel space itself. Sitting in the userspace, the closest you can get to it is using call_usermodehelper() that allows you call a userspace binary. Thanx for info I will re-considar my decision about putting my code in userspace. I was facing some problems to do my work from kernel space. my code need to take some decision based on some policy file, and reading policies from a file. This is the reason I am not comfortable in putting my code in kernel. as reading file from kernel space is little tedious thing, and even thats not recemended. thats y i am confused about how to tackle this problem. Thanks, Rajat -- Pravin Shinde
