I have a situation where my kernel module that registers the
nf hooks does does not see some packets. Those packets seems to be
those that are REDIRECTed by the following iptables rule:
*nat
:WEBFILTER-NAT - [0:0]
-A PREROUTING -j WEBFILTER-NAT
-A WEBFILTER-NAT -s 192.168.69.0/255.255.255.0 -p tcp -m tcp --dport
80 -j WF-8080
-A WF-8080 -p tcp -j REDIRECT --to-ports 8080
*filter
-A FORWARD -s 192.168.69.0/255.255.255.0 -j QUEUE
I hook 4 hooking points in my module (forward, local-in, local-out,
pre-routing).
My hooking priority is NF_IP_PRI_FIRST.
What is the reason that packets are not seen by my module ? How do I fix this ?
Thanks
Yakov
nf hooks does does not see some packets. Those packets seems to be
those that are REDIRECTed by the following iptables rule:
*nat
:WEBFILTER-NAT - [0:0]
-A PREROUTING -j WEBFILTER-NAT
-A WEBFILTER-NAT -s 192.168.69.0/255.255.255.0 -p tcp -m tcp --dport
80 -j WF-8080
-A WF-8080 -p tcp -j REDIRECT --to-ports 8080
*filter
-A FORWARD -s 192.168.69.0/255.255.255.0 -j QUEUE
I hook 4 hooking points in my module (forward, local-in, local-out,
pre-routing).
My hooking priority is NF_IP_PRI_FIRST.
What is the reason that packets are not seen by my module ? How do I fix this ?
Thanks
Yakov