[Click] ToHost userlevel
Bayani Carbone
b.carbone at cs.ucl.ac.uk
Thu Jun 12 15:17:19 EDT 2008
Thanks a lot for your help, Tushar, we've found a way to intercept
outgoing packets in userlevel.

This is our configuration:

box running click and a server program on port 5001 (using TCP), one
interface: eth1
ip address: 192.168.1.4

box running client program, connecting to server ip but with a random
port, say 6423.
ip address: 192.168.1.5

So, as I wrote earlier, using IPRewriter to modify the destination port
to 5001 and using KernelTun(192.0.0.1/8) as you suggested, we were able
to send the packets up to the application.

Our problem was that the application would reply to the SYN packets with
SYN/ACKs containing 5001 as a source port which would then be rejected
by the client program since it was expecting 6423.

Trying to intercept packets going to the client using the output port of
KernelTun wasn't working because the destination IP of these packets was
on the same network as the server and would then be routed by the
"192.168.1.0/24 eth1" entry in our Linux routing table and not the
"192.0.0.0/8 tun".

So what we did was delete the 1st route, and make the tunnel created by
KernelTun the default route. This allowed us to intercept packets in
click. We then forward them to the IPRewriter element and use output 1
for the reverse mapping. We then use ToDevice to send the packets to the
client and it works, the TCP connection gets created successfully.

Hope this can help you, although your configuration seemed different
from ours.

Thanks again for your input.
Bayani Carbone
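
The routing behaviour and port mapping described in the message above, modelled as an added example that is not part of the original post and is not Click code. It assumes plain longest-prefix-match routing and a simplified rewrite table; the names lookup, PortRewriter and demo and the client source port 40000 are constructed for illustration.

```python
import ipaddress

SERVER, CLIENT = "192.168.1.4", "192.168.1.5"   # addresses from the message
# Routing tables as (prefix, device). "tun" is the KernelTun device.
BEFORE = [("192.168.1.0/24", "eth1"), ("192.0.0.0/8", "tun")]
AFTER = [("192.0.0.0/8", "tun"), ("0.0.0.0/0", "tun")]  # /24 deleted, tun is default


def lookup(routes, dst):
    """Longest-prefix match: device of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), dev) for p, dev in routes]
    hits = [(n.prefixlen, dev) for n, dev in nets if addr in n]
    return max(hits, key=lambda h: h[0])[1] if hits else None


class PortRewriter:
    """Simplified model of a destination-port rewrite with a reverse mapping."""

    def __init__(self, new_dport):
        self.new_dport = new_dport
        self.reverse = {}  # reply flow -> port the client originally dialled

    def forward(self, pkt):
        src, sport, dst, dport = pkt
        self.reverse[(dst, self.new_dport, src, sport)] = dport
        return (src, sport, dst, self.new_dport)

    def reply(self, pkt):
        src, sport, dst, dport = pkt
        orig = self.reverse.get(pkt)
        # Unmapped packets pass through unchanged in this model.
        return pkt if orig is None else (src, orig, dst, dport)


def demo():
    rw = PortRewriter(5001)
    syn = (CLIENT, 40000, SERVER, 6423)       # 40000: constructed client source port
    to_app = rw.forward(syn)                  # what the server application sees
    synack = (SERVER, 5001, CLIENT, 40000)    # application's reply, source port 5001
    return {
        "reply_device_before": lookup(BEFORE, CLIENT),
        "reply_device_after": lookup(AFTER, CLIENT),
        "to_app": to_app,
        "to_client": rw.reply(synack),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With the /24 route present the reply leaves via eth1 and never reaches Click, so the client sees source port 5001; once the tunnel carries the reply, the reverse mapping restores 6423.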