I finally figured out why the module was working.
Original code:
icq.tuple.dst.u.udp.port = htons(ICQ_PORT);
icq.tuple.dst.protonum = IPPROTO_UDP;
icq.mask.dst.u.udp.port = 0xffff;
icq.mask.dst.protonum = 0xffff;
Makes sense, right? I want all udp packets going to port 4000. But it
turns out that this works instead:
icq.tuple.src.u.udp.port = htons(ICQ_PORT);
icq.tuple.dst.protonum = IPPROTO_UDP;
icq.mask.src.u.udp.port = 0xffff;
icq.mask.dst.protonum = 0xffff;
Now, can anyone explain why the second example works, but the first
doesn't? I'd think setting the dst port in the tuple would give packets
with destination port desired. How are tuples interpreted in this context?
Scottie Shore <sshore@escape.ca>
"Experience is that marvelous thing that enables you to recognize
a mistake when you make it again." -- F. P. Jones
Original code:
icq.tuple.dst.u.udp.port = htons(ICQ_PORT);
icq.tuple.dst.protonum = IPPROTO_UDP;
icq.mask.dst.u.udp.port = 0xffff;
icq.mask.dst.protonum = 0xffff;
Makes sense, right? I want all udp packets going to port 4000. But it
turns out that this works instead:
icq.tuple.src.u.udp.port = htons(ICQ_PORT);
icq.tuple.dst.protonum = IPPROTO_UDP;
icq.mask.src.u.udp.port = 0xffff;
icq.mask.dst.protonum = 0xffff;
Now, can anyone explain why the second example works, but the first
doesn't? I'd think setting the dst port in the tuple would give packets
with destination port desired. How are tuples interpreted in this context?
Scottie Shore <sshore@escape.ca>
"Experience is that marvelous thing that enables you to recognize
a mistake when you make it again." -- F. P. Jones