Hi, Could you perhaps send a diff instead? it is very difficult to read and comment this way. Thanks. On Fri, 2011-03-18 at 16:45 +0530, maria isabel wrote:

Hello All, I have attached the code snippet for extending tproxy to support sctp functionality.

For the socket lookup I use:

struct sock *nf_tproxy_get_sock_sctp4(const struct sk_buff *skb){

struct sctp_association *asoc; union sctp_addr *saddr , *daddr; struct sctp_transport **transport; struct sctphdr *sh; struct sock *sk;

void *temp; void *temp1;

memset(saddr,0,sizeof(saddr)); memset(daddr,0,sizeof(daddr));

saddr->v4.sin_family = AF_INET; daddr->v4.sin_family = AF_INET;

sh = sctp_hdr(skb);

temp=&ip_hdr(skb)->saddr; temp1=&ip_hdr(skb)->daddr;

memcpy(&saddr->v4.sin_addr.s_addr,temp, sizeof(struct in_addr)); memcpy(&daddr->v4.sin_addr.s_addr,temp1, sizeof(struct in_addr));

asoc = __sctp_get_association(saddr, daddr, transport); if (!asoc) sk=NULL; sk = asoc->base.sk;

return sk; }

This function I plan to invoke from both xt_TPROXY.c and xt_socket.c for sctp instead of the existing function for tcp and udp.

if(iph->protocol == IPPROTO_TCP || iph->protocol == IPPROTO_UDP){ sk = nf_tproxy_get_sock_v4(dev_net(skb->dev), iph->protocol, iph->saddr, tgi->laddr ? tgi->laddr : iph->daddr, hp->source, tgi->lport ? tgi->lport : hp->dest, par->in, true); }

else if(iph->protocol == IPPROTO_SCTP){ sk = nf_tproxy_get_sock_sctp4(skb); }

Have I missed out any condition during the socket lookup ? What about the icmp support?Can I just reuse the existing functionality by adding sctp to the list of protocols?

-- Bazsi