开发者

Raw ICMP packet to myself

开发者 https://www.devze.com 2023-02-12 03:50 出处:网络
On a linux system, I have built my own tunneling protocol, where I relay packets over a non-standarized but verfied medium. What I d开发者_C百科o is capture the packets using iptables and NFQUEUE, rel

On a linux system, I have built my own tunneling protocol, where I relay packets over a non-standarized but verfied medium. What I d开发者_C百科o is capture the packets using iptables and NFQUEUE, relay them over my medium, and at the other end I reinject them using raw sockets. The packet going into the tunnel is exactly the same as the one coming out, verified. The problem is that this doesn't work for ICMP Ping (Echo Request) if the destination of the ping is the same as the tunnel endpoint. If the destination is not the same as the tunnel endpoint, the ping packet is rerouted and arrives as it should at the receiver, and the ping reply comes back to the sender. Does anyone know whats going on. Isn't it possible to send raw icmp to yourself? If not, anyone have an idea what I should do instead?

What I have is:

R1 ---- T1 -----T2 ------ R2

R1 pings R2.

R1, R2, router 1 and router 2 T1, T2, Tunnel Points 1 and 2. (R1 and T1 located on the same router, and R2 and T2 on the same router). This setup does not work.

This do work:

R1 ---- T1 -----T2 ------ R2 ----- R3

R1 ping R3, this works.

Any ideas?

/Andy


I don't know if it's possible,but the preferred way to intercept and re-inject packets is to use the tun/tap interface (also see the kernel Documentation/ directory). I'd imagine ICMP would work if you switch.

0

精彩评论

暂无评论...
验证码 换一张
取 消