tags:

views:

44

answers:

1
Q: 

Is it possible to hook a packet after NF_IP_POST_ROUTING step of Netfilter?

I think that detection of source/destination mac addresses of a packet is done after NF_IP_POST_ROUTING step of Netfilter. Is it possible to hook the packet after this step with correct mac addrs? I want to decide about the out-going packet from my NIC to another to drop/accept packet. In another way, it is like to a firewall rule on mac addresses of output packets .

A: 

NO.

At the step of NF_IP_POST_ROUTING, the packet is still not filled up with mac address.

You can add some kernel packet sniffer job.

Here is a simple introduction.

arsane  2009-07-27 10:22:36

related questions

grep a file, but show several surrounding lines?
VMWare Server Under Linux Secondary NIC connection
Should I move from C++ to Python? ... Or another language?
Globus Toolkit virtual machine
How to avoid redefining VERSION, PACKAGE, etc.
How do I setup Public-Key Authentication?
showing a message box from a bash script in linux
Best Linux Distro for Computer Repair
Mapping my custom keys in Debian
Any IcedTea war stories?
How do you find the age of a long-running Linux process?
Personal Linux web server
Programmatically talking to a Serial Port in OS X or Linux
what's in your .bashrc ?
Linux - files and scripts that execute on boot
Text Editor For Linux (Besides Vi)?
Lightweight IDE for Linux
Shell scripting input redirection oddities
XML Editing/Viewing Software
What should a longtime Windows user know when starting to use Linux?
Gtk SSH client for Linux?
Getting root permissions on a file inside of vi?
Is it possible to drag windows between workspaces when using Compiz?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?